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1 Introduction 


This technical report contains the HOL listings of the specification of the design and major portions of 
the requirements for a commercially-developed processor interface unit (or PIU). The PIU is an interface 
chip performing memory-interface, bus-interface, and additional support services for a commercial micro- 
processor within a fault-tolerant computer system. This system, the Fault-Tolerant Embedded Processor 
(FTEP), is targeted towards applications in avionics and space requiring extremely high levels of mission 
reliability, extended maintenance-free operation, or both. 

This report contains the actual HOL listings of the PIU specification as it currently exists. For those 
interested in an informal description of the PIU specification, NASA CR-4521 contains a discussion of the 
modeling issues involved in the PIU specification, as well as an overview of the specification itself. 

Section 2 of this report contains general-purpose HOL theories that support the PIU specification. 
These theories include definitions for the hardware components used in the PIU, our implementation of n- 
bit words, and our implementation of temporal logic. 

Section 3 contains the HOL listings for the PIU design specification. Aside from the PIU internal bus 
(I_Bus), this specification is complete. 

Section 4 contains the HOL listings for a major portion of the PIU requirements specification. Specifi- 
cally, it contains most of the definition for the PIU behavior associated with memory accesses initiated by 
the local processor. 
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2 Supporting Theories 

This section contains general-purpose theories used in the PIU specification. The theories array _def, 
wordn_def, busn_def, and templogicjdef contain our implementations for arrays, n-bit words (of bit-type 
bool), 4-valued logic, and temporal logic, respectively. The theories gates_defl, latches_def,jfs_def, coun- 
tersjdef, datapaths _def, and buses_def contain component models for logic-gates, latches, flip-flops, 
counters, datapath elements, and bus nodes, respectively. 

% 


Files array_def.ini 

Author: (c) P. J. Windley 1992 

Da script ion: 

Prova auxilliary theorem* about functions so that functions 
can be easily used to represent arrays. 

Modification History: 

24FKB92 — Original file. Many of the theorems included were 
motivated by theorems defined on lists in 
list_aux.ml. 

26FBB92 — [DAF] Modified order of parameters in calls to 
ALTER, MALTER, SUBARAAY to match simulation 
language syntax. Added definition of ELEMENT. 

04OCT92 — [DAF] Added theorem SUBARRAY_MALTKR_IDBNT . 

140CT92 -- [DAF] Added definition DBF_SIZE. 

290CT92 -- [DAF] Added definition ARBN (from wordn_def ) . 
14DEC92 — [DAF] Added theorem SUB_SURARRAY , 


% 

■at search path (search path() ® [ ' /home/elvis6/df ura/f tep/piu/hol/lib/ 4 ; 

' /home/elvis6/dfura/hol/ml/ ' 

])/; 


system 4 rm array_def .th' / ; 
new_ theory 4 array_def ' / ; 
loadf 4 aux_daf s 4 ; j 
load_ library 4 reduce 4 ; ; 

% 

Auxilliary array definitions and theorems. 

We will use functions to represent arrays. The definition 
that follows defines a ALTER function that can be used to set 
the nth member of an array. The following lemmas are useful 
in reasoning about array operations . 

% 


let ALTER_DBF - new_def inition 
( 4 ALTBR_DEF 4 , 

44 ALTER (f :*->** } n x » (\m. (a • n) ■> x I (f m) ) 44 
)}> 

let ALTBR_THM - prove_thm 
( ' ALTBR_THM 4 , 

44 ALTER (ft *->**) n x y * (y*n) «>x I (fy)", 
RBWRITE_TAC [ALTBR_DBF] 

THEN BBTA_TAC 
THEN RKFL_TAC 

)/; 
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% 

ALTERJKQUAL is simlar to the BL_SET_BL lamina for lists. 

% 

let ALTER_EQUAL * prove_thm 
( 'ALTKR_EQUAL ' , 

m \ x n (f : *->**) . (ALTER f n x) n * x", 

REPEAT GEN_TAC 

THEN RE WR I TB_T AC [ALTER_DEP] 

THEN BBTA_TAC 
THEN RHWRITB_TAC [ ] 

) ? J 


% 

ALTBR_NON_BQUAL is similar to NOT_EL_SBT_BL for lists. 

% 

let ALTBR_NON_BQUAL = prove_thm 
( * ALTER_NON_BQUAL ' , 
m 1 n m (f : *->**) x . 

~ (n * m) == > 

(f n * (ALTER f m x) n)", 

REPEAT OBN_TAC 

THEN RBWRITE_TAC [ALTER_THM] 

THEN STRIP_TAC 

THEN ASM_REWRITH_TAC [ ] 

) ; J 


% 

ALTBR_COMMUTE S is similar to SET_BL_SBT_BL for lists. 

% 

let ALTER_C OMMU TE * prove _thm 
( * ALTER_COMMUTE ' , 

-1 <dl:*> d2 ( f : ) (x:**) y . 

~(dl « ctf ) -*> 

((ALTER (ALTER f dl x) dl y) « 

(ALTER (ALTER f dl y) &2 x) ) " , 

REPEAT GBN_TAC 

THEN CONV_TAC ( ONCB_DBPTH_CONV FUN_EQ_CONV) 

THEN RBWRITB_TAC [ALTER_THM] 

THEN STRIP_TAC 
THEN OBN_TAC 

THEN REPEAT COND_CASES_TAC 
THEN ASM_RBWRITB_TAC I] 

THEN UNDISCH_TAC ( (dl: *) * d 2)" 

THEN ASSUM_LIST ( \thl . RBWRITKJTAC (map SYM_RULB thl) ) 

) ;; 


%< 


Until now, it hasn't mattered what the type of the subscript is 
and so the previous lemmas were all general, even though 
someone using them to represents arrays, would probably be 
using numbers as subscripts. 

Now, we want to reason about subarrays given as a sequence from 
a starting value to an ending value. This presupposes that the 
subscripts can be totally ordered. To make life easy, we won't 
be that general, but will use numbers as subscripts. 


■% 


let SUBARRAY_DBF - new_def inition 
( ' S UBARRA Y_DB F ' , 

* 1 n m (f inum->*) . 

SUBARRAY f (m,n) * \x. ( (x+n) <- m) -> f (x+n) | ARB" 

) ti 

let S UBARRA Y_THM - prove_thm 
( ' SUBARRAY_THM ' , 

* ! n m (f tnum->* ) 

SUBARRAY f (m, n) x - ((x+n) <- m) -> f(x+n) | ARB" , 
REPEAT OEN_TAC 

THEN REWRITB_TAC [ SUBARRAY_DEF ) 
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THEN BBTA_TAC 
THEN RBFL_TAC 

) /; 


lat BLEMENT_DBF * new_def ini t ion 
( ' BLBMHNT_DBF ' , 

"l m (f:num->*) . 

ELEMENT f (m) * f m* 

) j; 

% 

MALTBR alter* multiple value* in an array. 


lat MALTBR_DBF * naw_daf inition 
( 'MALTER_DBF * , 

*i n m f (gmum->*> . 

MALTBR £ (m, n) g - 

\x • (n <- x /\ x <* m) «> g (x-n) I £ x" 


let MALTBR_THM ■ prove_thm 
{ ' MALTBR_THM ' , 

"1 n n (xtnum) g (f :num->*) . 

MALTBR f (m,n) g x * (n <= x /\ x <* m) ■> g (x-n) I £ x", 
REPEAT OBN_TAC 

THEN RBWRITE_TAC [ MALTS R_DEF ] 

THEN BBTA_TAC 
THEN REFL_TAC 

)/; 


let MALTER_SOBARRAY_IDBNT - prove_thm 
( ' MALTBR_SUBARRAY_IDBNT ' , 

"in m (fi*num-> # ) . MALTBR £ (m,n) (SUBARRAY £ (m,n)) * t m , 

RBFBAT OEN_TAC 

THEN CONV_TAC ( ONCB„DBPTH_CONV FUN_BQ_CONV ) 

THEN RBWRITB_TAC (MALTBR_THM; SUBARRAY_THM] 

TBBM OEN.TAC 

THEN REPEAT COND_CASBS_TAC 
THEM ASM_RBWRITS_TAC [ ] 

THEN ASSUM__LIST ( \thl . MAP_BVERY ASSUMB_TAC 

(flat (map CONJUNCTS (filter (i*_conj o concl) thl) ) ) ) 

THEM IMP _RE S_TAC SUB_ADD 

THEN TRY (UNDISCH_TAC ( (n # - n) + n) <* m w ) 

THEN ASM_RBWRITB_TAC [1 

); ; 

lat HALTBR_SUBARRAY_SUBSCRIPTS - prove_thm 
( 1 KALTER_SUBARRAY_SUBSCRIPT ' f 

"in m x (f:num->*) g . 

MALTBR £ (m,n) (SUBARRAY g (m,n)) x * 

(n <* x /\ x <* m) *> g x I £ x", 

REPEAT GEN_TAC 

THEN CONV_TAC ( ONCB_DBPTH_CONV FUN_EQ_CONV) 

THEN REWRITB_TAC ( MALTBR_THM ; S UBARRA Y_THM J 
THEN REPEAT COND_CASBS_TAC 
THEN ASM_RBWRITB_TAC [] 

THEN ASSUM_LIST { \thl . MAP _ EVERY ASSUMB_TAC 

(flat (map CONJUNCTS (filtar (±*_conj o concl) thl)))) 

THEN IMF_RES_TAC SUB_ADD 

THEN TRY (UNDISCH_TAC *-((x - n) + n) <* m") 

THEN ASM_RBNRITB_TAC [] 

)ti 

lat lenmal - TAC.PROOF 

{([], "!(a ibool) (bed :*) . a *> (a *> b I c) I d ■ (a => b I d) w ), 

REPEAT OBN.TAC 

THEN REPEAT COND_CASBS_TAC 

THEN REWRITE_TAC [ ) 

)/; 
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let len»a2 = TAC_PROOP 

(([]/ *1 (a b c :num) . (b <= c) «> (((a + b) <= c) = (a <= c - b))*), 

RBPSAT STRIP_TAC 

THEN PURB_RBWRITB_TAC [SPBCL [ -a * num* / *c : num - b : nuro" ; "b : num* 3 
(SYM_RULB LBSS_BQ_MONO_ADD_BQ ) ) 

THEN IMP_RBS_TAC (SPBCL [*b:num"; w c;n\im"] SUB_ADD) 

THEN ASM_REWRITB_TAC [ 3 

);; 

let ARBN » new_def ini t ion 
( ' ARBN ' , 

* (ARBN : num- > * ) - \n. ARB* 

) ;i 

lat SUBARRAY_MALTKR_IDHNT * prova_thm 
( ' SUBARRAY_MALTBR_IDBNT ' , 

*! (m n mum) (f g h :num->*) 

((n <« m) /\ 

(g « MALTBR ARBN ((m-n),0) h) ) 

«S> 

(SUBARRAY (MALTBR f (m,n) g) (m,n) * g)*, 

REPEAT STRIP_TAC 

THEN CONV_TAC <ONCB_DBPTH_CONV PUN_BQ_CONV) 

THEN ASM_REWRITB_TAC (MALTBR_THM; SUBARRAY_THM ; ARBN; 

SPBCL [ "n ' i num* ? *n : num* ] ADD_SUB; 

SPBC *n' mum* 2ER0_LESS_BQ; 

SPEC "n ' : num" SUB_0 ; 

SPBCL [ *n j num* ; *n ' s num" ] 

(ONCB_RBWRITB_RULE [ADD_SYM] LBSS_EQ_ADD) ] 
THEN IMP_RB S_T AC ( SPBCL [ *n ' : num* ; "n j num* ; "m : num" ] ( SYM_RULB lemma2 ) ) 

THEN ASM_RRWRITE__TAC [ lemma 1 ] 

);/ 

lat SUB_SUBARRAY ■ prove_thm 
( ' SUB_SUBARRAY ' , 

* ! (C :num->*) (m n p mum) . 

(m <■ p) **> 

(SUBARRAY (SUBARRAY f (p, 0 ) ) (m,n) * SUBARRAY f (mm))"/ 

REPEAT STRIP_TAC 

THEN CONV_TAC (ONCB_DBPTH_CONV PUN_BQ_CONV) 

THEN REWRITE_TAC [SUBARRAY_THM ; ADD_CLAUS BS] 

THEN GEN_TAC 

THEN ASM_CASBS_TAC * (n'+n) <* m* 

THEN IMP_RBS_TAC (SPBCL [ *n ' +n* ; "m : num" ; "p : num" ] LESS BQ TRANS) 

THEN ASM_RBWRITB_TAC [ ] 

) ?l 

lat DBF_SIZB * new_def inition 
( 'DEP_SI2B ' , 

" ! (f mum->*) (n mum) . 

DEP_SIZB f n ■ MALTBR ARBN (n,0) f* 

) ;; 

cloaa_thaory ( ) / / 


% 


Pila: wordn_def.ml 

Description: 

Dafina* a theory of word* which contain* a definition for 
converting between functions from number* to boolean* and 
natural numbers and prove* various useful theorems about 
this definition. This file is based on a theory that was 
orginally authored by Graham Birtwhistle of the University 
of Calgary in 1986. 

Author*} (c) Graham Birtwhistle, Phillip Windley, 1968, 1992 
Modification History: 
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2 8F2B92 — [PJW] Original flla from word*. ml 
10MAR92 -- [PJW] Addad dafinition of WORDN. 

13MAR92 -- [DAF] Addad dafinition* of bv, SBTN, RSTN, GNDN, 
NOTN, INCH# DBCN. 

130CT92 -- [DAF] Addad dafinition of ANDN, ORN. 

01DBC92 -- [DAF] Addad thaoram* VAL_W0RDN_IDBNT_3 , 

W0RDN_3_N0T_BQUAL. 




*®t_»««rch_p*th (••arch_p«th( ) 8 [ ' /hom*/«lvi»6/dfura/hol/Library/tool«/ ' j 

7 /'homa/*lvi*6 /dfura/hol/ml/ 7 ] ) / / 


systam 7 /bin/rm wordn_daf . th 7 ; ; 

naw_thaory 7 wordn_daf 7 ; / 

loadf 7 aux_daf ■ 7 / ; 

map naw_parant [ 7 piuaux_daf 7 ] ; ; 

map load_parant [ 7 array_daf 7 / 7 inaq 7 ] ; ? 

naw_typa_abbrav ( ' wordn ' , 77 : num->bool" ) ; ; 

load_library 7 raduca 7 / j 

% - — 

Dafinition* 


lat bv ■ naw_da f init ion 
( 7 bv 7 , 

"1 (b:bool) . 
bv b ■ (b) ■> 1 I 0" 

)?; 

lat VAL * naw_pri»_r*c_daf inition 

( 7 VAL 7 , 

77 (VAL 0 (f i wordn) * bv (f 0)) 

(VAL (SUC n) f - ((2 BXP (sue n) ) • (bv (f (SUC n) ) ) ) + VAL n f) 77 
)// 

lat po»_val * n*w_daf init ion 
( 7 po*_val 7 , 

"\ (xs wordn) (yinum) . 

po*__val x y * (bv(x y) ) * <2 BXP y) 77 

)n 

lat ONBS * naw_prim^rac_daf inition 
( 7 ONBS 7 , 

77 (ONBS 0 a - (a 0) ) 

/\ 

(ONBS (SUC n) a * (a(SUC n) > A (ONBS n a) ) 

*) ; t 

lat ZBROS * nawj>rim_rac_daf init ion 
( 7 ZBROS 7 , 

77 ( ZBROS 0 a * - ( a 0 ) ) 

A 

(ZBROS (SUC n) a ■ - (a (SUC n) ) A (ZBROS n a)) 

") t t 

lat WORDN * naw_daf inition 
( 7 WORDN 7 , 

77 ! (n xmurn) . 

WORDN n x * \m. (m <■ n) ■> ((x DIV (2 BXP m) ) MOD 2*1) I ARB H 
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);; 

1st SBTN * nsw_dsf inition 
( ' SBTN ' f 

" I (xtnum) . SBTN x * \(ntnum) . (n <= x) => T I ARB" 
) /; 

1st RSTN ■ nsw_dsf inition 

( 'RSTN' , 

"I (z:num) . RSTN x » \(n:num). (a <■ x) *> F t ARB" 

)// 


1st ONDN = nsw_dsf inition 
( 'ONDN', 

"! (xtnum) (tit im« ) 

ONDN x t * ((\(ntnum). (a <a x) => F | ARB) , 

(\(ninum) . (n <« x) ■> F \ ARB))" 

) ;/ 

1st NOTN = nsw_dsf inition 
( 'NOTN' , 

" ! (xtnum) (ftwordn) . NOTN x £ * \(n:num) . (n <= x) *> ~ ( f n) 

);; 

1st ANDN a nsw_dsf inition 
( ' ANDN' , 

"1 (xtnum) (f g twordn) 

ANDN x £ g * \(ntnum) . (a <* x) -> { (f a) /\ (g a) ) I ARB" 

);; 


1st ORN * nsw_dsf inition 
( 'ORN' , 

"1 (xtnum) (£ g twordn) 

ORN x £ g ■ \(ntnum) (a <* x) *> ( (£ a) \/ (g n) ) I ARB" 
)/; 

1st INCN * nsw_ds£ inition 
( 'INCN', 

"1 n £ . 

INCN n £ - (ONBS n £) *> RSTN a I WORDN a ( (VAL a f) +1)" 

) ;; 


1st DBCN * nsw_dsf inition 
( 'DBCN' , 

"Inf. 

DBCN n f « (ZBROS a £) *> SBTN a I WORDN n ((VAL n f) - 1) " 

) ;; 


1st VAL_WORDN_IDBNT_l « provs_thm 
( ' VAL_W0RDN_IDBNT_1 ' , 

"! a tnum . a <* 3 -«> (VAL 1 (WORDN In) * a)", 
RBWRITB_TAC [VAL/ WORDN; bv; num_CONV "1"; 
LKSS_BQ_3_CASBS ] 

THEN BBTA_TAC 

THBN RBPBAT STRIP_TAC 

THEN ASM_RBWRITB_TAC [] 

THEN REDUCB_TAC 

)n 


1st SIZB_1 ■ nsw_dsf inition 
( ' SIZE_1 ' , 

" ! x twordn . SIZE_1 x * la tnum. -a <« 1 *■> (x n = ARB}" 

) ;/ 

1st W0RDN_VAL_IDBNT_1 * provs_thm 
( ' WORDN_VAL_ I DBNT_ 1 ' , 

" ! x twordn . SIZB_1 x ««> (WORDN 1 (VAL 1 x) « x)", 

RBWRI TB _ T AC [SIZB_1 jnum_C0NV "1" /VAL/ WORDN ;bv] 

THBN OBN_TAC 

THBN RBDUCB_TAC 

THBN RBPBAT STRIP.TAC 

THBN CONV_TAC (0NCE_DBPTH_C0NV FUN_BQ_CONV) 


I ARB" 
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THEN BETA_TAC 

THEN OEN_TAC 

THEN COND_CASBS_TAC 

THEN RES_TAC 

THEN ASM_RBWRITK_TAC [ ] 

THEN XKP_RES_TAC LESS_BQ_1_CASES 
THEN ASM_REWRITE_TAC [] 

THEN BOOL_CASBS_TAC " (x 0 ) ibool" 

THEN BOOL_CASBS_TAC * (x 1) tbool" 

THEN ASM_RBWRITE__TAC [ ] 

THEN RBDUCE_TAC 
) /; 

let SIZB_SUBARRAY_1 « prove_thm 
{ ' SIZB_SUBARRAY_1 ' , 

-1 x iwordn . SIZB_1 (SUBARRAY x (1,0 ) )", 

RBWRITB_TAC [SIZB_1; SUBARRAY_DBF; ADD_CLAUSBS] 

THEN BBTA_TAC 

THEN REPEAT STRIP_TAC 

THEN ASM_REWRITE_TAC [ ] 

);; 

let VAL_WORDN_IDBNT_3 - prove_thra 
( ' VAL_WORDN_IDBNT_3 ' , 

m | n : num . n <« 15 *■> (VAL 3 (WORDN 3 n) * n)", 

RBVRI TB_TAC [VAL ; WO RUN ; bv ; num_CONV "3"/ nuin_CONV **2" } num_CONV *1"; 
LRSS_EQ_1 5_CASBS ] 

THEN BBTA_TAC 

THEN REPEAT STRIP_TAC 

THEN ASM__RBWRITE_TAC [ ] 

THEN RSDUCB_TAC 

)f I 

let lemnal « TAC_PROOP 

(([], "t (x y **) (f **->•*) . (x - y) -*> (f x - f y) H ) t 

REPEAT STRIP_TAC 
THEN ASM_RBWRITS_JTAC [ ) 

);/ 

% |- In in . n < ■ 3 >*> in < = 3 *=* > - (m = n) **> -(WORDN in * WORDN n) % 

let WORDN_l_NOT_BQUAL « •ave_thm 
( J WORDN_l_NOT_EQUAL * , 

OEN_ALL 

(DISCH_ALL 

( REWRITE_RULB 
[HP 

(SPEC "n t num* VAL_WORDN„IDBNT_l ) 

(ASSUME "n <■ 3") 

; 

MP 

(SPEC "annum* VAL_WORDN_IDBNT_l ) 

(ASSUME "m <« 3*)] 

(CONTRAPOS (ISPECL ["WORDN 1 m" ; "WORDN 1 n" ; "VAL 1"] lemmal) ) ) ) 

>f I 

% |- In m . n <* 15 >■> m <* 15 = * > - (m * n) **> -(WORDN m * WORDN n) % 

let WORDN_3 _NOT_BQUAL » *ave_thm 
( ' WORDN_3_NOT_BQUAL ' , 

OBN_ALL 

(DISCH_ALL 

(RBWRITB.RULB 

[MP 

(SPEC "n i num" VAL_WORDN_IDBNT_3 ) 

(ASSUME "n <« 15") 

} 

MP 

(SPEC "m:num" VAL_WORDN_IDBNT_3 ) 

(ASSUME "m <* 15")] 

(CONTRAPOS (ISPECL ["WORDN 3 m"; "WORDN 3 n"/"VAL 3"] lemmal)))) 

);; 
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% 

Theorem* 


let VAL_WORDN_IDENT * mk_thm 

([],»! (n x tnuffl) . (x < (2 EXP (SUC n) ) ) «> (VAL n {WORDN n x) * x) w )i; 

let WORDN_VAL_IDBNT = mk_thm 
( 11 / 

"t (n jnum) (x : wordn) 

(VAL n x < (2 EXP (SUC n) ) ) --> (WORDN n (VAL n x) - x)" 

% Removed theorems for now 13MAR.92 . [DAF] 

let MAXWORD * prove_thm 
{ 'MAXWORD ' , 

- i n b. (VAL n b) < (2 EXP (SUC n))", 

INDUCT_TAC 
THEN OEN_TAC 

THEN PURE_ONCB_RBWRITB_TAC [ VAL ] 

THENL [ 

PURB_RBWRITE_TAC [ EXP; MULT_CLAUSBS; maxbit 3 

; 

BOOL_CASES_TAC " (b(SUC n) ) ibool" 

THEN REWRITB_TAC ( bv; ADD_CLAUSES; KULT_CLAUSES ] 

THENL [ 

PURE_ASM_REWRITB_TAC 

[ SPEC "SUC n" BXP_DOUBLB S ; MULT_BY_2 ; 

( PURE_ONCB_REWRITE_RULE (ADD_SYM] LESS_MONO_ADD_BQ ) 1 

) 

POP_ASSUM 

(\ th. ACCEPT_TAC 
(MATCH_MP LESS_TRANS 
(CONJ (SPEC "b" th) 

(SPEC "SUC n" BXP_MONO) ) ) ) 

1 

1 

) ; ; 

let MAXWORD2 ■ prove_thm 
{ 'MAXWORD 2 ' , 

"1 n e cln . ((VAL n a) + (bv cln) ) <- (2 EXP (SUC n))", 

REPEAT OBN_TAC 

THEN PURE_ONCB_REWRITB_TAC [bv] 

THEN COND_CASES_TAC 

THEN PURE_REWRITE_TAC [ADD_CLAUSES] 

THENL 

[ MATCH_ACCBPT_TAC 

( MATCH_KP LESS_OR ( SPECIAL L MAXWORD) ) 
t 

MATCH_ACCBPT_TAC 

(MATCH_MP LBSS_XMP_LESS_OR_EQ (SPEC_ALL MAXWORD) ) 

1 

);; 

let ALL_ONBS * prove_thm 
( ' ALL_ONB S * , 

" l n i cin . 

({VAL n e) ♦ (bv cin) * 2 EXP (SUC n) ) 

« (ONES n a) i\ cin", 

INDUCT_TAC THEN REPEAT OEN_TAC 
THEN ASM_RBWRITB_TAC [ VAL; ONES ] 

THENL 

[ REWRITE_TAC [ EXP? MULT_CLAUSBS; bvll ] 

; 

BOOL_CASES_TAC " a { SUC n ) t boo 1 " 

THEN REWRITE _TAC [ bvale; ADD_CLAU SBS; MULT.CLAUSES ] 

THENL 

[ ASM_REWRITB_TAC 

[ MULT_BY_2; SPEC "SUC n" BXP_DOUBLBS; 
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SYM_RULX ADD_ASSOC ; 

( PURE_ONCB_REWRITB_RULB [ ADD_SYM ] BQ_MONO_ADD_BQ ) 

] 

; 

ACCBPT_TAC (HATCH_MP LBQ_2_KXP ( SPBC_ALL MAXW0RD2 ) ) 

3 

3 

);/ 

lat OVERFLOW - prova_thm 
('OVERFLOW', 

"in*. (ONES n a) --> (((VAL n a) + 1) = (2 EXP (SUC n)))", 

REPEAT STRIP_TAC 

THEN IMPURE S_TAC (and ( BQ_IM?_RULB (SPBC_ALL ALL_ONBS) ) ) 

THEN POPASSUW 
( ACCEPT_TAC 

o (REWRITE_RULB [ ASSUME "ONES n a"; bvals; SYM_RULK ( num_CONV "1") ] ) 

) 

)n 

lat NOTOVERF LOW - prova_thm 
( ' NOTOVERF LOW ' , 

" 1 n a . -(ONES n a A cin) 

»«> ({VAL n a) + (bv cin)) < (2 EXP (SUC n))", 

REPEAT OEN_TAC 

THEN PURB_RBWRITB_TAC ( SYM_RULB ALL_ONBS) 

THEN STRIP_TAC 
THEN STRIP_ASSUMK_TAC 
( PURB_ONCE_RBWRITK__RULK [LKSS_OR_BQ] 

(SPBC_ALL MAXWORD2 ) ) 

THEN RES_TAC 

)n 


"In (vsvordn) . ZEROS n w * ((VAL n w) * 0)*;; 


• < 

REPEAT OBN.TAC 
THEN EQ_TAC 

THEN SPBC_TAC ("ntnum", "n:num") 

THEN IMDUCT_TAC 

THEN REWRXTB_TAC [ ZEROS ; VAL ] 

THEN STRIP_TAC 
THEN RES_TAC 

THEN ASM_REWRITE_TAC (bv; MULT_CLAUSES ; ADD_CLAUSBS 3 

);; 

% 


clo»a_thaory ( ) ; ; 


Filai 
Author t 
Data t 


buan_daf .ml 
(c) D . A. Pura 1992 
14 Dacambar 1992 


ayatam 'rm buin_dtf.th 
naw_thaory 'buan_daf ' ; ; 

• at March path ( aaarcfa_path ( ) 7 ( * /homa/alvia6/dfura/f tap/piu/hol/lib/ ' / 

' /homa/alvifl6/d£ura/hol/ml/ ' ; 

' /homa/alvis 6 /dfura/hol /Library /tool •/ ' 
3);; 


% 


10 


loadf ' aux_daf s * / / 


map new_parent [ 'piuaux_daf ' ; ' array_def ' j ' wordn_def ' ; ' ineq' ] ; ; 

new_type_abbrev ( * tlma ' , " : num" ) ; / 
new_type_abbrev ( 'wordn' , * :num->bool") ; ; 

let ARBN « definition 'array_def' 'ARBN'// 

lat SUBARRAY_DBF - dafinition 'array_def' ' SUBARRAY_DEF ' ; ; 

% 

Abstract data type for a 4 -valued signal. 


% 


lat wire * 

define_typa 'wire' 

'wira * HI I LO | X I Z'jj 

naw_typa_abbrav ( 'busn' , * :num->wira" ) ; ; 

% 

Type conversion functions and theorems for type WIRE. 


■% 


lat bool VAX. « new_def ini t ion 
( 'bool VAX. ' , 

" ! (w rwire) . 
boolVAL w « (w * HI) ■> T I 

(w « LO) *> P l ARB" 

);; 

lat WIRE * new_de f ini t ion 
( ' WIRE ' , 

" I (b i bool) . WIRE b « (b « T) *> HI I LO" 

);/ 

lat boolVAL„WIRE_IDBNT - prove_thm 
( 'boolVAL_WIRB_IDHNT' , 

"I (b tbool) . boolVAL (WIRE b) = b", 

RBWRITB_TAC [boolVAL/ WIRE] 

THEN QBN_TAC 

THEN BOOL_CASES_TAC "bzbool" 

THEM RBWRITB_TAC [SYM_RULB (prove_cons true tor s_dis tine t wire)] 

)/) 

lat WIRB_boolVAL_IDKNT - prove.thm 
( ' WIRE_boolVAL_IDBNT ' , 

"1 (w : wira) . (w - HI) \/ (w * LO) **> (WIRE (boolVAL w) « w>", 
REWRITB_TAC [WIRE; boolVAL] 

THEN INDUCT_THBN (prove_induct ion_thm wira) AS SUMS _T AC 
THEN REWRITE_TAC [9YM_RULB (prove_constructors_distinct wira)} 

)Jt 


% - - 

Type conversion functions and theorems for type BUSN. 


% 


lat wordnVAL « new_def inition 
( 'wordnVAL' , 

"1 (f tbusn) . 
wordnVAL f * 

\{x:num). (f x * HI) «> T I 

(f X * LO) *> P | ARB" 

);; 

lat BUSN * new_def inition 
( 'BUSN' , 

"I (f : wordn ) . 

BUSN f * 

\(x:num). (f x * T) *> HI I LO" 


li 



let wordnVAL_BUSN_IDBNT * prove_thm 
( ' wordnVAL_BUSN_IDBNT * , 

"\ (f i wo r dii) . wordnVAL (BUSN f) * t" , 

REWRI TE_TAC [wordnVAL ; BUSN ] 

THEN GEN_TAC 

THEN CONV_TAC (ONCE_DBPTH_CONV FUN_EQ_CONV) 

THEN OKN_TAC 
THEN BBTA_TAC 

THEN BOOL_CASBS_TAC " ( f :num->bool) el" 

THEN ASM_RBWRITE_TAC [SYM_RULB (prove_cons true tor a_dis tine t wire) 

)/; 


\ 

Special Cases . 


% 


let Of fn « new_def inition 
( 'Of f n' , 

"Offn • \ ( x : num) . Z" 

);; 


let wordnVAL_Of fn * prove_thm 
( 'wordnVAL_Of fn' , 

"wordnVAL Offn * ARBN", 

REWRI TB_T AC [wordnVAL j Of fn; ARBN/ 

SYM_RULB (prove_cons true tors_dis tine t wire) ] 




let OFFP ■ new_daf ini t ion 
{ 'OFFP' , 

"i (w twire) 

OFFP w « (w * Z)" 

>;/ 


let ON? * new_def inition 
( 'ONP' , 

"1 (w twire) . 

ONP w ■ {(w - HI) \/ (w » LO) \/ (w * X))" 
) I i 


let OFFnP * new_def inition 
( ' OFFnP ' , 

" 1 (f tbusn) {m n tnum) . 

OFFnP f (m,n) ■ ! (xtnum) . (n <* x /\ x <* m) «■> (f x ■ Z)" 
) ;; 


let ONnP * new_def inition 

( 'ONnP ' / 

"l (f tbusn) (m n mum) . 

ONnP f (mm) * 

I (xtnum). (n <* x /\ x <« m) *■> ( (f x 

>;; 


HI) \/ (f x - LO) \/ (f x » X))" 


let OFFnP_BUSN - prove_tbm 
( ' OFFnP_BUSN ' , 

*1 (f twordn) (m n mum) n <■ m ■■> (OFFnP (BUSN f) (mm) * B) w # 
REWRI TB_TAC [OFFnP; BUSN) 

THEN BBTA_TAC 
THEN REPEAT GBN_TAC 

THEN REWRI TE_TAC [ NOT_PORALL_CONV "-(lx, n <« X /\ X <■ m -«> 

( (f X «> HI I LO) - Z) ) "1 

THEN DISCH_TAC 

THEN EXISTS_TAC "n t num" 

THEN ASH_CASBS_TAC "(f twordn) n" 

THEN ASM_RBWRITB_TAC[LBSS_BQ_REFL;prove_constructors_distinct wire] 

) ; ; 

let ONnP_BUSN ■ prove_thm 
( 'ONnP_BUSN' , 

"l (f twordn) (m n mum) . ONnP (BUSN f) (mm) * T" , 

REWRI TE_T AC [ONnP; BUSN] 

THEN BETA_TAC 
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THEN REPEAT STRIP_TAC 

THEN BOOL_CASES_TAC » { f t aum->bool ) x" 

THEN REWRITB_TAC [ ] 

) ;; 

lat OFFnP,_Offn * prova_thm 
( 'OFFnP_Of fn' , 

*! (m n laum) . a <* m *=> (OPFnP 0££n (m,n) = T) ff , 

REWRITB_TAC [OFFnP;OffnJ 

) >; 

lat ONnP_Offn » prova_thm 
( 'ONnP_Of fa' , 

"\ (m a mum) . n <» m ■ *> (ONnP Offn (m,n) ■ F)", 

RBWRITE_TAC [ONnP t Of f n/ SYH_RULB (prova_constructors_di*t inct wira) ; 

NOT_FORALL_CONV "-(lx. -(a <= x /\ X <= m)) w ] 

THEN REPEAT STRIP_TAC 
THEN EXISTS_TAC "n: mm" 

THEN ASM_RFWR I TE _ T AC [LBSS_BQ_REFL] 

) /; 

closa_thaory ( ) / / 


Pila: tamplogic_daf -ml 

Author: (c) D.A. Fura 1992-93 

Data: 21 February 1993 




aat_aaarch_path (saarch_path( ) 9 [ ' /homa/alvia6/dfura/f tap/plu/hol/pport/ ' ; 

* /homa/alvi*6/dfura/f tap/piu/hol/lib/ ' ; 

' /homa/alvis6/dfura/hol/Library/tools/ ' ; 

* /homa/alvisfi/dfura/hol/ml/ ' 

));; 

sat_flag ( 'timing' , trua) ; ; 
ays tarn ' rm t amp logic _daf . th ' ; / 
naw_thaory * tamplogic_daf ' / ; 
loadf ' aux_da f » . ml ' j ? 

map naw__parant [ 'piuaux_daf ' / 'array_daf ' ; 'worda_daf J ; 'busn_daf * ] ; ; 
map load__parant { ' atioc ' ; # iaaq ' ] / ; 

aaw_typa_abbrav ( ' tima ’ x num" ) ; / 

load_l±brary ' raduca • ; ; 

loadf 'pt_tac* .ml ' ; ; 


lat M_LESS_0_LBSS * TAC_PROOF 

( ( [] , 

*! m n . (m < a) ==> (0 < n)"), 
INDUCT_TAC 

THEN REPEAT STRIP_TAC 
THEN ASM_REWRITB_TAC [ ] 

THEN IMP_RBS_TAC LT_IMP_LB 
THEN IMP_RBS_TAC SUC_LE_IMP_LT 
THEN RBS_TAC 
)n 


% 

Dafiaitioaa iavolving "STABLE" boolaaa-valuad signals. 


% 
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let STABLE » new_def ini t ion 
( ' STABLE ' , 

* i (x :time->*) (tl t2 itime) . 

STABLE x ( tl , t2 ) ■ 

(tl <- t2) /\ 

(It u ttime. (tl <* t A t <* t2 /\ tl <* u A u <« t2 ) «*> (x t * x u) ) " 

) j; 

let STABLB_TRUB ■ new_ds f init ion 
{ ' STABLS_TRUB ' , 

"I (x ttime->bool) (tl t2 ttime) . 

STABLE_TRUE x (tl, t2 ) * 

(tl <* t2) A ( 1 1 ttime. (tl <« t /\ t <* t2) -*> (x t))" 

) /; 

let STABLB_FALSE * new_def init ion 
( ' STABLB_FALSE # , 

-1 (x itime->bool) (tl t2 ttime) . 

STABLB_FALSB x (tl,t2) - 

(tl <- t2 ) A (It: time . (tl <■ t A t <* t2) *«> (-x t)) w 

);; 

let S TABLE _FALSK_THEN_TRUE ■ new_def init ion 
( ' STABLB_FALSB_THEN_TRUB ' , 

" \ (x : time->bool) (tl t2 ttime) , 

STABLB_FALSB„THEN_TRUK x ( tl, t2 ) « 

(tl <« t2) /\ (It: time . (tl <« t A t < t2) -*> (-x t ) ) A (x t2) w 

);; 

let STABLK_TRUB_THEN_FAL.SK « new_de£ init ion 
( ' STABLB - .TRUB_THBN_FALSB ' , 

*1 (x :tiae->bool) (tl t2 ttime) . 

STABLB_TRUB_THBN_FALSB X (tl,t2) « 

(tl <- t2) /\ (It: time . (tl <- t /\ t < t2) — > (x t)) A <-x t2)" 

);; 

let FALSE_THKN_S TAB LE_ TRUK ■ new_def init ion 
( ' FALSB_THBN_STABLB_TRUB ' , 

*1 (x t time->bool) (tl t2 ttims) . 

FALSE THKN_STABLB_TRUB x (tl, t2 ) • 

(tl <- t2 ) /\ (~x tl) /\ ( I t : time . (tl < t /\ t <- t2) ««> (x t)) w 

);j 

let TRUB_THKN_S TABLB_F ALSK « new_def init ion 
( ' TRUB_THEN_STABLB_FALSE ' , 

(x : time->bool ) (tl t2 ttime) 

TRUB_THBN_STABLB_FALSB X (tl,t2) ■ 

(tl <■ t2 ) A (x tl) /\ (It: time . (tl < t A t <« t2) «> (-x t))" 

); j 


% 

Definitions involving boolean-valued- signal events. 


% 


let TIME_TRUB ■ new_def init ion 
( ' TIMK_TRUB # f 

M l (x : t ime->bool) (to t9 t ttime) . 
TXMB_TRUE x (tO , t9) t - 

(tO <■ t) /\ (t <■ t9 ) /\ (x t) w 

);; 

let TIMB_FALSE * new_def init ion 
( ' TZMB_FALSB ' , 

" l (x : time->bool) (tO t9 t ttime) . 
TIMB_FALSB x (t0,t9) t - 

(tO <« t) A (t <- t9 ) /\ ( -X t)" 

); ; 

let N_T IKE S_ TRUE « new_prim_rec_def init ion 
( ' N_TIHBS_TRUE * , 

" (N_TIMBS_TRUE 0 x tO t9 « 


14 


?t : time . S TAB LE.FALSB.THKN. TRUK x <tO,t) /\ 

(t < t9 **> STABLB.FALSB x (t+l,t9))) /\ 
(N_TIMES_TRUE (SUC n) x tO t9 « 

7t t time . STABLB.FALSB. THEN. TRUK x { tO , t ) /\ 

N.TIMBS.TRUE n x (t+1) t9) w 


);/ 


let N_TIMBS_FALSB ■ new_pr im_rec.de f ini t ion 
( 'N.TIME S.FALSB ' # 

" (N.TIMBS.FALSB 0 X tO t9 * 

7 1 : t ime . STABLB.TRUE.THEN.FALSB X (tO,t) /\ 

(t < t9 --> STABLE .TRUE x (t+l,t9))> 
(N.TIMBS.FALSB (SUC n) x tO t9 - 

7 1 : t ime . STABLB.TRUK.THEN.FALSB x (tO, t) /\ 
N.TIMBS.FALSB n X (t+1) t9)" 




/\ 


let LBSS.THAN_N_TIMBS.TRUB » new_prim.rec.def ini t ion 
( ' LBSS_THAN_N_TIMBS_TRUB ' , 

" (LBSS.THAN.N.TIMBS.TRUB 0 X tO t9 * STABLB_FALSB X (tO, t9) ) f\ 
( LBSS.THAN.N.TIMBS.TRUB (SUC n) X tO t9 * 

N.TIMBS.TRUE n x tO t9 \/ 

LESS.THAN.N.TIMKS.TRUE n x tO t9)" 

) i; 

let LB SS.THAN_N.TIMH S.FALSB * new_prim_rec_def init ion 
( 1 LBSS_THAN_N_TIMBS_FALSB ' , 

» ( LBSS.THAN.N.TIMBS.FALSB 0 X tO t9 = S TAB LE_ TRUK x (tO, t9) ) /\ 

( LBSS.THAN.N.TIMBS.FALSB (SUC n) x tO t9 * 

N.TIMBS.FALSB nxt0t9\/ 

LBSS.THAN.N.TIMBS.FALSB n X tO t9)" 

) /; 


let NTH.TIMH.TRUE • new_pr im_rec.de f ini t ion 
( ' NTH_TXHB_TRUB ' , 

* ( NTH.TIMB.TRUB 0 X tO t9 * STABLB.FALSB.THBN.TRUB X (t0 / t9) ) /\ 

(NTH.TIMB.TRUB (SUC n) X tO t9 ■ 

7 (t t time) . NTH.TIMB.TRUB n x tO t /\ 

STABLB_FALSB_THBN_TRUB x ( t + 1 , 1 9 ) ) " 

) ; 7 

let NTH.TIME.FALSE * new_p rim_rec.de fin it ion 
( ' NTH.TIMB.FALSK ' , 

* ( NTH.TIMB.FALSE 0 x tO t9 - STABLB.TRUK.THEN.FALSB x ( tO, t9) ) /\ 
( NTH.TIMB.FALSE (SUC n) X tO t9 = 

7 (t t tin*) . NTH.TIME.FALSl n X tO t A 

STABLB.TRUE.THEN.FALSB X ( t + 1 , 1 9 ) ) w 

> ; ; 


% 

Definition* involving boo lean- valued -*ignal "CHANGES . " 


■% 


let C HANQE S _TRUB - new.de f ini t ion 
( ' CHANOB S.TRUE ' , 

* 1 (x itime->bool) (t ttime) 

CHANGE S.TRUE X t - 

( (t - 0) \/ -x (t-1) ) /\ x t" 

)/; 

let CHANOB S.FALSB - new.def inition 
( 'CHANOB S.FALSB ' , 

"1 (x t time- >bool ) (t x time ) * 

CHANOB S.FALSB X t - 

((t - 0) \/ x (t-1)) /\ -x t" 

);; 

let N.TIME S.C HANQE S.TRUE * new.def inition 
( ' N.TIMBS.CHANOBS.TRUB ' , 

" l (n mum) (x i time->bool) (tO t9 ttime) . 
N.TXMBS.CHANOBS.TRUB n x tO t9 - 

N.TXHBS.TRUE n ( \t . CHANOB S.TRUB x t) tO t9" 
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) /; 

1st N_TIMBS_CHANaBS_FALSB * new.def inition 
( ' N_TIMBS_CHANQBS_FALSB ' , 

"! (n mum) (x i t ime- >bool ) (tO t9 ttime) . 

N_T IME S_CHANQB S _F AL SB n X tO t9 * 

N_TIMBS__TRUE n (\t. CHANQES.FALSB x t) tO t9" 

);; 

1st LBSS_THAN_N_TIMBS_CHANQRS_TRUB * new_de£ inition 
( / LBSS_THAN_N_TIMBS_CHAlKJES_TRtJE ' , 

" \ (n tnum) (x : time->bool) (tO t9 ttime) . 

LBSS_THAN_N_TIHBS_CHANOBS_TRUB n X tO t9 * 

LESS_THAN_N_TIMBS_TRUB n ( \t . CHANOBS_TRUB x t) tO t9" 

)/; 

1st LBSS_THAN_N_TIM*S_CHANOKS_FALSB * new.def inition 
( ' LBSS_THAN_N_TIMBS_CHANQKS_FALSE 7 , 

*t (n tnum) (x ttime->bool) (tO t9 ttime) . 
LBSS_THAN_N_TIMBS_CHANQBS_FALSB n X tO t9 * 

LBSS__THAN_N_TIMBS_TRUB n ( \t . CHANGE S_FALSE X t) tO t9" 

);; 

1st NTH_TIMH_CHANQHS_TRUB * new_prim_r*c_def inition 
( ' NTH_TIMB_CHANQBS_TRUB # , 

* (NTH_TIMB_CHANOBS_TRUK 0 X tO t9 * STABLB_FALSB_THBN_TRUB X (t0,t9)) !\ 

( NTH_T UCB _C HANOI S_TRUX (SUC n) X tO t9 - 
7 1 U ttime. 

NTH_TIMH_CHANQBS_TRUB n X tO t /\ 

STABLH_TRUB_THBN_FALSB x (t,u) i\ 

STABLB_FALSB_THEN_TRUE x (u, t9 ) ) " 

);; 

1st NTH_TIMH_CHANORS_FALSE * new_prim_rec_def inition 
{ * NTH__TIHB_CHANOBS_FALSB * , 

*» (NTH_TIME_CHANGBS_FALSB 0 x to t9 « STABLE_TRUE_THEN_FALSB X (t0 / t9)) /\ 

(nth!time_chanobs_falsb (SUC n) X to t9 = 

?t U ttime. 

HTH_TIME_CHANQBS_FALSB n X tO t /\ 

STABLE _FALSB_THEN_TRUE x (t ,u) A 
STABLK_TR0E_THBN_FALSB x ( u , 1 9 ) ) " 

)n 


% 

Definition* involving "STABLE" wire-valued eignale. 


let STABLB_HI * new.de f inition 
( ' STABLB_HI 1 , 

* ! (x ttime->wire) (tl t2 ttime) . 

STABLB.HI X (tl, t2 ) » 

(tl <» t2 ) /\ (It: time . (tl <* t /\ t <* t2) s*> (x t = HI))" 

);; 

let STABLE.LO » new.def inition 
( * STABLB_LO ' , 

" ! (x ttime->wire) (tl t2 ttime) . 

STABLB.LO x (tl, t2 ) » 

(tl <« t2) A ( ! 1 1 time* (tl <* t A t <« t2 ) ■■> (x t ■ LO))" 

) J > 

let STABLB_LO_THBN_HI - new.def inition 
( ' STABLB_LO_THBN_HI ' , 

" i (x :time->wire) (tl t2 ttime) . 

STABLK_LO_THBN_HI X (tl,t2) - 
(tl <- t2) /\ 

( ! t ttime . (tl <» t /\ t < t2 ) ««> (x t - LO)) /\ 

(x t2 - HI) " 

) 1 1 

let STABLB_HI_THBN_LO * new.def init ion 
( ' STABLB_HI_THBN_LO ' , 
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* I (X t time->wire) (tl t2 ttime) . 

STABLB_HI_THEN_LO x (tl, t2 ) = 

(tl < = t2 ) /\ 

(itttime. (tl <= t A t < t2 ) **> (x t = HI)) /\ 

(x t2 * LO } " 

) ;/ 

1st NTH_TIMB_HI = new_prim_rec_def inition 
( , NTH_TIMB_HI * , 

" (NTH_TIMB_HI 0 X tO t9 = STABLB_LO_THBN_HI x (t0,t9)) A 
(NTH_TIMK_HI (SUC n) x tO t9 * 

?(t ttime) . NTH_TIMB_HI n x tO t /\ 

STABLB_LO_THKN_HI x (t+l,t9))" 

)/; 

let NTH_TIME_LO = new_prim_rec_def inition 
( ' NTH_TIME_LO ' , 

" (NTH_TIME_LO 0 X tO t9 ■ STABLB_HI_THBN_LO x (tO, t9) ) /\ 
(NTH_TIMB_LO (SUC n) x tO t9 * 

?(t ttime) . NTH_TIME_LO a X tO t /\ 

STABLE_HI_THEN_LO x <t+l,t9))" 

)it 


Definitions involving "STABLE" (boolean- or wire-valued) signal* for both 
clock phase* of each cycle. 

% 

let STABLB_AB ■ new_def inition 
( ' STABLB_AB ' , 

* ! (x ttime->*#* ) (tl t2 ttime) . 

STABLB_AB X (tl,t2) « 

(tl <« t2 ) /\ 

( 1 t u i time . 

(tl <» t A t <* t2 /\ tl <* u A u <* t2 } **> (ASel (x t) « BSel(x u)))" 

);; 

let STABLE_AB_TRUH « new_def inition 
( ' STAB LB_AB_TRUB ' , 

* 1 (x itime->bool#bool) (tl t2 :time) 

STABLB_AB_TRUE X { tl, t2) « 

(tl <« t2 ) /\ 

( i t i time. 

(tl <* t /\ t <« t2> *«> (ASel (x t) /\ BSel(x t))) w 

);/ 

let STABLB_AB_FALSK * new_def inition 
( ' STABLE _AB_PALSH ' , 
m l (x t time- > bool #bool ) (tl t2 ttime) 

STABLE _AB_FALSE X (tl,t2) » 

(tl <« t2 ) /\ 

( ! t * t ime . 

(tl <« t /\ t <» t2 ) **> ( -ASel (x t) /\ -BSel (x t)))" 

);; 

let S TAB LB_AB_OF F * new_def inition 
( ' STABLB_AB_OFF ' , 

"! (x t time- > wire twire ) (tl t2 ttime) 

STABLB_AB_OFF x (tl,t2) - 
(tl <- t2 ) /\ 

( it ttime . 

(tl <* t /\ t <= t2 ) ««> ( (ASel (x t) * Z) /\ (BSel (x t) = Z)))" 

) ; ; 

let STAB LB_AB_OF Fn ■ new_def inition 
( # STABLB_AB_OFFn ' , 

" ! (x i time->busn#bu*n) (tl t2 ttime) . 

STABLB_AB_OFFn x (tl,t2) * 

(tl <- t2 ) /\ 

( It ttime. 

(tl <« t A t <- t2> * * > ( (ASel (x t) - Of f n) A (BSel(x t) ■ Of fn) ) ) " 

);; 
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% 

Th*or«u . 


l#t TRUB_BVBNT_TIMBS_BQUAL » prov*_thm 
( ' TRUX_EVBNT_TIMBS_BQUAL ' , 

"l (n mum) (tO tl t 2 :tim*) (x ttim«->bool) . 

NTH_T IMB_TRUB n x tO tl *«> 

NTH_TIMB_TRTJB n x tO t 2 »*> 

(tl - t 2 )", 

INDUCT__TAC 

THEN RBWRITE_TAC [NTH_TIHB_TRUB ; STABLB_PALSE_THBN_TRUB] 

then repeat strip_tac 

THEN ASM_CASES_TAC " ( 1 1 : t im« ) * t 2 " 

THEN ASM_REWRITE_TAC U 
THEN IMP_RES_TAC NOT_BQ 
THBNL [ 

SPEC_ASSUH_TAC ("It. tO <= t /\ t < t 2 ■ *> -x t " , "tl : tim»" ) 
THEN RES_TAC 

SPBC_ASSUM_TAC ("it. tO <* t /\ t < tl *■> -X t" , "t 2 : t ime" ) 
THEN RES_TAC 

; 

RBS_TAC 

THEN XJNDISCH_TAC " ( t ' 4 1 ) <■ tl «-> -x 1 1 " 

THEN F I LTBR_ASM_REWRI TE__TAC (\tm. tm *= "(t'jtim») * t") U 
THEN AHM_REWRITE_TAC [ 3 

7 

RES_TAC 

THEN UND I SCH_TAC "(t + 1 ) <■ t 2 »*> -X t 2 " 

THEN F I LTBR_ASM_RKWRI TB_TAC (\tm. tm * "(t:tim«) = t ' ") [] 

THEN ASM_RBNRJTB_TAC [ ] 

3 

) ;; 

l«t FALSB_EVBNT_TIMES_BQUAI» ■ prov«_thm 
( ' FALSE_BVENT_TIMES_EQUAL ' , 

M \ (n tnum) (tO tl t 2 itim«) (x :tim«->bool) . 

NTH_TIME_FALSE n x tO tl =«> 

NTH_TXMB_FALSB n x tO t 2 *= = > 

(tl - t 2 )", 

INDUCT_TAC 

THEN RBWRITK_TAC [NTH_TIHK_FALSE ; STABLB_TRUB_THBN_FALSB ] 

THEN REPEAT STRIP_TAC 

THEN ASM_CASBS_TAC " ( t 1 : t im* ) a t 2 " 

THEN ASM_REWRITE_TAC [ ] 

THEN IMP_RES_TAC NOT_EQ 
THSNL [ 

SPKC_ASSUM_TAC ("it. tO <« t /\ t < t 2 **> x t", "tl : tim«" ) 
THEN RKS_TAC 
THEN RBS_TAC 

7 

SPEC_ASSDM_TAC ("!t. tO <■ t /\ t < tl «*> X t " , "t 2 : tim« w ) 
THEN RES_TAC 
THEN RES_TAC 

7 

RES.TAC 

THEN DNDISCH_TAC *(t' + 1 ) <* tl «*> X tl" 

THEN FILTSR_ASM__RBWRITB_TAC (\tm. tin - *(t':tim«) - t") [3 

THEN ASM_REWRITK_TAC [ ] 

7 

RES_TAC 

THEN UNDISCH_TAC "(t + 1 ) <- t 2 -*> X t 2 " 

THEN FILTER_ASM_RE 1 fRITB_TAC (\tm. tm * "(t:tin») * t'") [] 

THEN ASM_RBWRITB_TAC [ ] 

] 

);; 

l«t STABLE_TROB_THEN_FALSB_UNIQUE - prov«_thm 
( ' STABLB_TRUB_THBN_FALSB_UNIQUE ' , 

" ! (tO tl t 2 xtlm«) (x j tim*->bool) 
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STABLB_TRtJB_THBN_FALSB X (tO, tl) ==> 

STABLB_TRUB_THBN_FALSB x <tO,t2) ==> 

(tl « t2>", 

RBWRITB_TAC [9TABLB_TRUB_THBN_FALSB] 

THBN RBPKAT STRIP_TAC 

THEN ASM_CASBS_TAC "(tlttimo) * t2" 

THBN ASM_RBWRITB_TAC [ 3 
THBN XMP_RBS_TAC NOT_BQ 
THBNL [ 

SPBC_ASStJM_TAC ("it. tO <= t /\ t < t2 ==> x t » , "tl : timo" ) 

THBN RSS_TAC 
THBN RBS_TAC 

I 

SPBC_ASSUM_TAC (“it. tO <* t /\ t < tl -«> X t ", "t2 : timo") 

THBN RBS_TAC 
THBN RBS_TAC 

] 

); ; 

lot TRUB_BVBNT_TIMBS_MONO * provo_th® 

{ ' TROB_BVKNT_TIMES_MONO ' , 

"1 (n tnum) (tO tl t2 ttimo) <x :timo->bool) . 

NTH_TIMB_TRUB n x tO tl •■> 

NTH_TIMK_TRUE (SUC n) x tO t2 ■*> 

(tl < t2 ) " , 

RBWRITB_TAC [ NTH_T IME^TRUB ; STABLB_FALSK_THEN_TRUB ] 

THBN RBPSAT STRIP_TAC 

THBN IHP_RBS_TAC TRUB_BVBNT_TIMBS_KQUAL 
THBN IMP_RBS_TAC (RBWRITB_RULB [ADD1] OR_LBSS) 

THBN FILTBR_ASM„REWRITB_TAC (\tm. tm * "tlitimo ■ t") [ ] 

THBN FILTBR_ASM_RBWRITB_TAC (\tm. tm * "t < t2") [] 

) /; 

lot SINOLB_TRUB_INTBRVAL_BVKNT_TIMKS_KQDAL * provo_thm 
( ' SINGLB_TRUB_INTBRVAL_HVHNT_TIMES_EQUAI» * , 

* ! (tO t9 t u itimo) (x itimo->bool) . 

N_TXHBS_TRUB 0 X tO t9 **> 

TIMB_TRtJB x (tO, t9) t -*> 

TXMB_TRUB x ( tO , t9) u »*> 

(t * u) " , 

RBWRITB_TAC [TIMB_TRUE ; N_T IMB S_TRUK ; STABLK_FALSB ; S TAB LB_FALSB_THBN_ TRUE 3 

THBN REPEAT STRIP_TAC 

THBN ASM_CASBS_TAC M t ' < t9" 

THBNL ( 

% oubgool It [ "t' < t9" 3 % 

IMPURE S_T AC ( RBWRITK_RULB [ADD1] LBSS_OR) 

THBN RBS_TAC 

THBN NRULB_ASSUM_TAC 

(*(t f + 1) <- u **> ~x u", ( (RBWRITB_ROLB tl) o CONTRAPOS) ) 
THBN NRU LB _ AS S UM_ T AC 

("(t' 4 1) <« t **> -x t", ( (RBWRITB_ROLB [)) o CONTRAPOS)) 
THBN NRtJLB_ASSUM_TAC 

{ “U < t ' ==> -x U", { (RKWRITB_RULK []) o CONTRAPOS)) 

THBN NRULS_ASSUM_TAC 

ft < t' **> -X t", ( (RBWRITB_RULB [)) o CONTRAPOS)) 

THBN RHS_TAC 

THBN INP_RBS_TAC NOT_LBSS_BQ_LBSS 
THBN IMP_RBS_TAC NOT_LB9S 
THBN IMP_RBS_TAC SUB_LBSS_OR 

THBN ASSUMB_TAC (RBWRITB_RULE [) (RBDUCB_CONV *1<*1")) 

THBN IKP_RB S _ T AC (SPBCL [ "t ' t timo" / "1" ; "1" ] ASSOC_ADD_SUBl } 

THBN ASM_RBWRITB_ASStJM_TAC ft <- ( (t ' 4 1) - 1)", 

[SUB_BQUAL_0 ; ADD_C LAUS BS ] ) 

THBN ASM_RBWRITB_ASSOM_TAC fu <« ( (t ' 4 1) - 1)", 

( SOB_BQUAL_0 ; ADD_CLAUSBS J ) 

THBN IMP_RB S _ TAC LBSS_BQOAL_ANTISYH 

THBN FILTER __ASM_RBWRITB__TAC ( \tm. tm - "u ttimo * t'") (] 

THBN FILTBR_ASH_RBWRITB_TAC (\tm. tm - «t ttimo * t'") [ ] 

/ 

% subffoal 2: [ *-t ' < t9" ] % 

IMP_RBS_TAC NOT_LBSS 
THBN RES.TAC 
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THEN IMP_RBS_TAC LBSS_BQ_TRANS 

THEM RBWRITB_ASSUM_TAC ("u <* t' ", [LESS_OR_BQ] ) 

THEN RBWRITB_ASSUM_TAC ( M t <- t' ", [LESS_OR_BQ] ) 

THEN POP_ASSUM_LIST (MAP_BVBRY ( \thm. STRIP_ASSUME_TAC thm) ) 

THEN RBS_TAC 

THEN ASM_REWRITE_TAC [ ] 

] 

)// 

let LATER_TRUB_BVBNT_FOLLOWS_INTKRVAL « prove _ thm 
( ' LATBR_TRUB_EVBNT_POLLOWS_INTBRVAL ' , 

"j (tO t9 t' t'»uc ttime) (x itime->bool) 

N_TIMBS_TRUB 0 x tO t9 *«> 
tO <» t' ■■> 
x t' ■«> 

t' < t'»uc ■■> 

X t'euc «■> 
t9 < t'fuc", 

RBWRI TE_T AC [ STABLB_FALSB ; STABLB_PALSB_THBN_TRUB] 

THEN REPEAT STRIP_TAC 

THEN ASM_CASES_TAC *t ' <* t9" 

THE NL [ 

% •ubgoil It t *t ' <- 1 9 - ] % 

ASM_C ASE S_TAC "t9 < t ' »uc w 
THEN ASM_REimiTB_TAC [ ] 

THEN RBWRITB_ASSUM_TAC ( --t9 < t ' iuc\ [NOTELESS] ) 

THEN IMP_RBS_TAC LBSS_EQ_LBSS_TRANS 
THEN IMP_RES_TAC LT_IHP_LB 
THEN IMF_RES_TAC 

(SPBCL [-tO ttime-; -t9: time"; "t ' 1 1 ime- ; "t ' iuc : time-] 

( RENRITB_RULK [TIME_TRUB] 

SINOLE_TRUE_INTBRVAL_BVBNT_TIMBS_EQDAL ) ) 

THEN IMP_RHS_TAC LESS_NOT_EQ 

; 

% aubgoal 2t [ -~t ' <* t9- ] % 

RBWRITE_ASSUM_TAC ( "~t ' <- t9- , [NOT_LESS_BQ_LBSS] ) 

THEN IMP_RBS_TAC LBSS_TRANS 
THEN ASM_RBWRI TE_T AC [ ] 

J 

let SUB_STABLB_FALSB_THBN_TRUB * prove_thm 
( ' SUB_STABLB_FAI>SE_THEN_TRUB ' , 

-! (tl t2 t9 ttime) (x ttime->bool) ♦ 

STABLE_PALSE_THEN_TRUE X <tl,t9) ■«> 

(tl <- t2 ) »*> 

(t2 <« t9 ) -«> 

STABLE_FALSB_THBN_TRUB X (t2,t9)", 

REWRITB_TAC [STABLB_FALSE_THBN_TRUB ] 

THEN REPEAT STRIF.TAC 
THEN ASM_REWRITE_TAC [ ] 

THEN IMP_RES_TAC LESS_BQ_TRANS 

THEN 3 PEC _AS SUM_T AC (-It. tl <■ t /\ t < t9 -»> -X t-,-t ttime-) 

THEN RES_TAC 

) ;; 

let S UB_ INTER VALS_S TAB LK_TRUE • prove_thm 
( ' SUB_INTERVALS_STABLE_TRUE ' , 

-I (tO t9 tl ttime) (x t t ime->bool) . 

STABLB_TRUE X (tO, t9) --> 

(tO <■ tl) ■*> 

(tl <* t9) ■■> 

(STABLE_TRUB X (tO,tl) /\ STABLE_TRUB X (tl,t9))-, 

RBWRI TE_TAC [STABLB_TRUE ) 

THEN REPEAT STRIP.TAC 
THEN ASM_REWRITE_TAC [ ] 

THEN UCP_RES_TAC LESS_BQ_TRANS 
THEN RES_TAC 
>/; 

let SUB_INTBRVALS_STABLE_FALSB » prove_thm 
( ' SUB_INTERVALS_STABLB_FAL.SE ' , 
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“I (to t9 tl :tim«) (x * tiin»->bool ) 

STABLB.FALSE x (tO,t9) ■*> 

(tO <» tl) 

(tl <■ t9) mm> 

( STABLE.FALSE x <tO,tl) /\ STABLE_FAX.SK x (tl,t9)) w , 

REWRITB.TAC [ STABLB_FALSE ] 

THEN REPEAT STRIP.TAC 
THEN ASM_REWRITB_TAC [ ) 

THEN IMP_RES_TAC LHSS_BQ_TRANS 
THEN RBS_TAC 
>7/ 

l«t S T AB LE_F ALS K_THEN ■ prov*_thm 
{ ' STABLB_FALSE_THBN ' , 

"I (x itim*->bool) (tO tl itimm) 

STABLH_PALSB_THEN_TRUE x (tO, tl) »*> 
tO < tl **> 

STABLB.FALSE X (tO,tl-l)-, 

REWRITB_TAC [ STABLB_FALSB_THBN_TRtJE / STABLK_FALSB ] 

THEN REPEAT STRIP_TAC 

THEN IMP_RBS_TAC (REWRITE.RULB [PRE.SUBl] LT_IMP_LB_PRE ) 

THEN ASM_REWRITB_TAC [ ] 

THEN IMP_EBS_TAC H_LBSS_0_LBSS 

THEN IMP_RBS_TAC (REWRITE.RULK (AJDD1 ] LT_IMP_SUC_LB ) 

THEN POP_ASSUM_LIST (MAP_EVBRY (\thm. ASSUHK_TAC ( REDUCE _RULB thm) ) ) 

THEN IMP_RBS_TAC (REWRITB.RULE [PRE_SUB1] LK_PRB_IMP_LT ) 

THEN RBS_TAC 

)/; 

l«t SUP_INTBRVAL_STABLB.TRUE * mk_thm 
( Mr 

(tO t 9 tl t2 itim«) (x t tim«->bool) . 

STAB LB__ TRUE X (tO,tl) **> 

S TABLB_TRUE x (t2,t9) — > 

(t2 <a tl+1) »■> 

(tO <» t9) **> 

STABLB.TRUB X (tO, t9) " 

);? 

Imt SUP_INTBRVAL_STABLE_FALSE * mk.thm 

([], 

"! (tO t9 tl t2 ttim«) (x : tim*->bool ) 

STABLE_FALSE x (tO, tl) >«> 

STABLE_FALSE X (t2,t9) ■«> 

(t2 <= tl+1) **> 

(tO <« t9) ■«> 

STABLB_FALSB X (t0,t9) w 

) ;; 

l«t SUP_INTBRVAL_STABLB_TRUB_THBN_FALSE * prov«_thm 
( ' SUP_INTBRVAL_STABLB_TRUE_THEN_FALSB ' , 

** ! (tO t9 tl t2 ttlmt) (x :tim«->bool) . 

S TAB LR_ TRUE x ( tO, tl) *«> 

STABLB_TRUB__THBN_FALSB X (t2,t9) *■> 

( t2 <* tl+1) «> 

(tO <- t9 ) ■■> 

STABLB_TRUE_THBN_FALSB x <t0,t9)", 

REWR I TB_T AC [STABLE. TRUE ; STABLB_TRUB_THBN_FALSB ] 

THEN REPEAT STRIP.TAC 
THEN ASM_REWRITE_TAC [] 

THEN ASSUMB.TAC 

(REWRITE.RULE 
[ STABLE. TRUE ] 

( SFBCL [ "tO t tlm* w ; "tl 1 1 ; w t2 : tim«" ] SUB_INTBRVALS_STABLE_TRUB ) ) THEN RES.TAC 

THEN ASM_CASBS_TAC *t2 <- t* 

THEN RBS.TAC 

THEN RBWRITB_ASSUM_TAC ( "•»t2 <- t", [NOT_LBSS_EQ_LKSS ] ) 

THEN IMP_RBS_TAC (SPECL [*t2 1 tim*" ; w tl+l* / w l' r ] LBSS_BQ_MONO_SUB) 

THEN ASSUMB.TAC (SPEC -1" LBSS_BQ_REFL) 

THEN IMP _RE S_TAC (SPECL [ "tl : t im*" ; » 1” ; ”1” ] ASSOC_ADD_SUBl ) 

THEN ASM_RENRITE_ASSUM_TAC 

(-(t2 - 1) <* ((tl + 1) - 1) *, [SUB_BQUAL_0;ADD_CLAUSKS] ) 


21 



THUN IMP_RHS_TAC SUB_LKSS_OR 

then ihp_res_tac lbss_bq_trans 

THEN RBS_TAC 

)/; 

let SUP_INTBRVAL_STABLE_FALSE_THEN_TRUB * prova_thm 
( ' SUP_INTBRVAL_STABLB_FALSB_THBN_TRUB 1 , 

" l (tO t9 tl t2 : tima) (x : tima->bool) . 

STABLB_FALSB X (tO,tl) «*> 

STABLB_FALSB_THBN_TRUB x (t2,t9) ==> 

(t2 <* tl+1) »■> 

(tO <- t9 ) -«> 

STABLB_FALSE_THBN_TRUE x ( 1 0 , 1 9 ) " , 

RBWRI TB_T AC l STABLB_FALSB / STABLE_FALSB_THBN_TRUB 1 
THBN RBPBAT STRIP_TAC 
THBN ASM_RBWRITB_TAC [ ] 

THBN ASSUMB_TAC 

(RBWRITB_RULB 

[ STABLB_FALSB ] 

(SPBCL [*tO:tima-> "tl: tima"; "t2: tima") SUB_INTBRVALS_STABLB_F ALSB ) ) THEN RES_TAC 

THBN ASM_CASBS_TAC "t2 <« t" 

THBN RBS_TAC 

THBN RBWRITB_ASSUM_TAC ( "-t2 <* t", [NOT_LBSS_EQ_LBSS] ) 

THBN IMP_RBS_TAC (SPBCL [*t2 : tima*; <r tl+l* ; "l*] LESS_EQ__MONO_SUB ) 

THBN AS SUMB_TAC (SPBC " 1 " LBSS_BQ_RBFL ) 

THBN IKP_RBS_TAC (SPBCL [*tl ttima"; "l" ? *1* ] ASSOC_ADD_SUBl ) 

THBN ASM_RBWRITB_ASSUM_TAC 

(" ( t2 - 1) <* ((tl + 1} - 1 ) " , [SUB_BQUAL_0;ADD_CLAUSBSJ ) 

THBN IMP_RBS_TAC SUB_LBSS_OR 
THBN IMP_RSS_TAC LBSS_BQ_TRANS 
THBN RES_TAC 

)>; 

clo*a_thaory ( ) ; \ 


% - 

Fila i gat a*_daf 1. ml 

Author: (c) D. A. Fura 1992-93 

Data: 4 March 1993 

Thia file contain* tha ml *ourc# for tha combinational logic gatas u*ad in tha 
gata-laval daacription of tha FTBP PIU, an ASIC davalopad by tha Bnbaddad 
Procaaaing Laboratory, Boaing High Tachnology Cantar . 


■% 


aat_aaarch_path (aaarch_path( ) ® [ ' /homa/alvia6/dfura/f tap/piu/hol/lib/ ' > 

* /homa / alvia 6 /dfura/hol /Library /tool*/ ' 

})n 


aat_flag ('timing', trua) ; ; 
ayatam 'rm gataa.daf 1 .th ' ; j 
n*w_t haory ' gat a *_da 1 1 ' / ; 

map naw_parant ( 'piuaux_daf ' / ' wordn_daf ' / 'buan_daf ' ; ' inaq' ] ; ; 

lat NOT_9ATB « naw_daf inition 
( ' NOT_OATB ' , 

M ! a z : t ima - >bool#bool . 

NOT_QATE a Z * 

J t : tima . Z t » ((-ASal(a t)), (-BSal(a t))) w 
);; 

lat AND2_OATB ■ naw_daf inition 
( ' AND2_QATE ' , 

" ! a b z : tima- > bool #bool . 
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AND2_OATB a b z = 

Ititima . z t * {(ASal(a t) /\ ASal(b t ) ) , 

(BS«l(a t) /\ BSal(b t)>)" 

);/ 

1st AND3_QATB = naw_daf inition 
( 'AND3_0ATE' , 

" 1 a b c z : tima->bool#bool . 

AND3_OATB a b c z - 

l t : tima . z t * ((ASal(a t) /\ ASal(b t) /\ ASal(c t)), 

(BSal(a t) /\ BSal (b t) /\ BSal(c t)))" 

) } i 

lat OR2_OATB * naw_da£inition 
( ' 0R2_QATE ' , 

** \ a b z i tima->bool#bool . 

0R2_QATE a b z - 

Ititima . z t * ((ASal(a t) \/ ASal(b t)), 

(BSal ( a t) \/ BSal (b t) ) ) " 

) ? I 

lat 0R3_GATB = naw_daf inition 
( ' OR3_OATB ' , 

" I a b c z j t ima- > bool #bool . 

0R3_0ATE a b c z = 

! t : tima . z t *= ((ASal(a t) \/ ASal(b t) \/ ASal{c t) ) , 

(BSal(a t) \/ BSal(b t) \/ BSal(c t)))" 

) ;; 

lat NAND2_OATB = naw_daf inition 
( ' NAND2_OATB ' , 

"! a b z i tima->bool#bool . 

NAND2_OATR a b z = 

Ititima . z t * ({-{ASal(a t) t\ ASal(b t))), 

( - (BSal ( a t) /\ BSal(b t ) ) ) > » 

);/ 

lat NAND3_OATB - naw_daf inition 
< ' NAND3_0ATB ' , 

" \ a b c z i tima- > bool #bool . 

NAND3_OATB a b c z * 

! t i tima . z t = ( { - (ASal (a t) /\ ASal(b t) /\ ASal (c t))), 

(-(BSal {a t) f\ BSal (b t) /\ BSal(c t))))" 

) /; 

lat BUF_<JATB * naw_daf inition 
( ' BUF_OATB ' , 

" ! a z it ima ->*#*. 

BUF_OATB a z « 

Ititima . z t * (ASal(a t), BSal(a t ) ) " 

) ; ; 

lat TRIBUF_OATB - naw_daf inition 
( ' TRIBUF_OATR ' , 

"l (z i tima->wira#wira) (a a t tima->bool#bool ) 

TRIBUFQATK a a Z * 

l t : tima . z t - <(ASal(a t) ■> WIRE (ASal(a t)) I Z) , 

(BSal (a t) »> WIRB (BSal(a t}) t Z) ) " 

);; 

lat TRIBUFn__QATB m naw_daf inition 
( ' TRIBUFn_OATB / , 

" ! (a : t ima - >wordn#wordn ) (z : tima->buan#busn) (a : tima->bool#bool) 
TRIBUFn_OATB a a z « 

! t i tima . z t * ((ASal (a t} *> BOSN (ASal (a t}) | Offn) f 

(BSal (a t) »> BUSN (BSal (a t)) i Offn))" 

) // 

lat TRINBtTF_QATB * naw_daf inition 
( ' TRIKBUF_OATK ' , 

" i (z * tima->wira#wira) (a a t tima->bool#bool) 

TRINBOF_OATB a a z ■ 
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! tttima . z t 


(((~ASal(a t)) *> WIRE (ASal (a t)) I Z), 

( { -BSsl (• t)) »> WIRE (BSal (a t)) | Z) ) " 


lat TRINBUFn_OATB * naw_daf inition 
{ ' TRINBUFn_QATK ' , 

(a : tima->wordn#wordn) (z : tima->busn#busn) (a : tima->bool#bool) 
TRINBUPn_QATB a a z = 

1 tttima . z t = ( { ( -ASal (a t) ) .> BUSN (ASal (a t)) I Of fn) , 

( ( -BSal ( • t)) *> BUSN (BS*l(a t) ) I Of fn) ) » 

) ; j 


closa_thaory ( ) ; ; 


% - - 

Fila : lat chas_daf .ml 
Author i (c) D.A. Furt 1992 
Data: 31 August 1992 

This fila contains tha ml sourca for tha latchas usad in tha gata-laval 
spacif lcation of tha FTBP PITJ, an ASIC davalopad by tha Bmbaddad Processing 
Laboratory, Boaing High Tachnology Cantar. 


% 


set_search_path ( search_path ( ) 0 [ 1 /homa/alvis6/dfura/f tap/piu/hol/lib/ '] ) / ; 

sat_f lag ('timing', trua) ; ; 

systam # rm latchas_daf .th' ; ; 

naw_ theory ' latchas_daf ' / / 

map naw_parant [ 'piuaux_def ' J ; / 

% - 

Ona-bit A-clocked D-latch, no sat, no rasat, no anabla. 
% 


lat DLatA_OATE * naw_daf inition 
( ' DLatA_OATB ' , 

"l (d q t tima->bool#bool) (s : t lma->bool) . 

DLa t A_OATB d S q m 
1 tttima . 

(s (t+1) * ASal (d t) ) /\ 

<q t « (s (t+1) , s (t+1) ) ) " 

)n 

% 

Ona-bit B-clocked D-latch, no sat, no rasat, no anabla. 

% 


lat DLatB_CJATB « naw_daf inition 
( 1 DLat B_QATB ' , 

" \ (d q t time->bool#bool) (s j tima->bool) . 

DLatB_OATB d s q - 
! tttima . 

(s (t+1) * BSal (d t) ) /\ 

(q t * (at, s (t+1 ) ) )" 

);; 

% 

Ona-bit A-clockad D-latch, with sat, no rasat, no anabla. 

% 


lat DSLatA__QATZ - naw_daf inition 
( / DSLetA_OATE ' , 

" I (d sat q t tima->bool#bool) (s ttima->bool) 


24 



DSLatA_QATB d set a q = 

! t : t ima . 

(S (t+1) * (ASal(eet t)) *> T I Aflel(d t)) /\ 

(q t * (8 (t+1), a (t+1) ))" 

);; 

% 

One-bit B-clocked D-latch, with aat, no reset, no enable. 

- 


1st DSLatB_OATB » new_def inition 
( ' D S La t B_GATB ' , 

"l (d set q : t ima - >bool#bool ) (a :tima->bool) . 

DSLatB_GATE d a at a q = 

! tit ima * 

(a (t+1) = (BS«l(Mt t}) *> T I BSel(d t)) /\ 

(q t ■ (at, a (t+1) ) ) " 

);; 

% 

Ona-bit A-clocked D-latch, no set, with reset, no anabla. 

% 


let DRL a t A_QATE * naw_daf inition 
( ' DRLat A_GATB ' , 

M ! (d rat q s tima->bool#bool) (a : time- >bool ) , 

DRLat A_GATB d rat a q » 

! t:tima . 

(a (t+1) * (ASal(rat t)) => F l ASal(d t)) /\ 

(q t - (a (t+1), a (t+1)))" 

) ; i 

% 

Ona-bit B-clockad D-latch, no aat, with raaat, no anabla. 
% 


lat DRLat B_ GATE « naw_da£ inition 
( ' DRLat B_GATS ' , 

* ! (d rat q : tima->bool#bool) (a : time- >bool ) . 

DRLat BLOATS d rat a q * 

! t:tima . 

(a (t+1) « (BSaltrat t) ) «> P I BSal(d t)) /\ 

(q t ■ (at, a (t+1) ) ) " 

)/; 

% - 

Ona-bit A-clocked D-latch, with aat, with raaat, no anabla. 
% 


lat DSRLatA_GATK « new.def inition 
( ' DSRLatA_OATR ' , 

M ! (d aat rat q : t ima- > bool #bool ) (a : t ima- > bool ) . 

DSRLatA_OATB d aat rat a q ■ 

! t:tima . 

(a (t+1) * ((ASal(aat t) /\ -ASaKrat t)) «> T I 
{ ( -AS el ( aat t)) /\ ASal(rit t)) *> P I 

((-ASal(aat t)) /\ ~ASel(rst t)) -> ASal(d t) I 

ARB) ) /\ 

(q t « (a (t+1) , a (t+1 ) ) )” 

) i ; 

% - - 

Ona-bit B-clockad D-latch, with aat, with raaat, no anabla. 

% 


lat DSRLatB_0AT8 ■ new_def inition 
( ' DSRLat B_QATE ' , 

"l (d aat rat q : t ima- > bool ibool ) (a i t ima- > bool ) 
DSRLat B_ GATS d aat rat a q * 

1 t i tima . 

(a (t+1) « ( (BSal ( aat t) /\ -BSaltrat t) ) -> T | 

( ( -BSal ( aat t)) /\ BSal (rat t)) «> P I 
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( ( -BSel ( set t)) /\ ~BSel(rst t ) > «> BSel(d t) I 

ARB)) /\ 

(q t ■ (• t , s (t + 1) ) ) " 

);/ 

% 

One-bit A-clocked D- latch, no set, no reset, with enable. 
% 


let DBLatA.OATE « new.def inition 
( ' DBLat A.GATB * , 

" \ (d en q i time->bool#bool) { s ttime->bool) . 

DBLatA_GATE d en s q ■ 

! t : time . 

(e (t+1) = (ASel(en t)) -> ASeKd t) I s t) /\ 

(q t = (8 (t+1) , 8 (t+1) ) ) " 

)/> 

%-- 

One-bit B-clocked D-latch, no eet, no reset, with enable. 
% 


let DBLatB.GATB - new_def inition 
( ' DELa t B.QATB 9 , 

" i (d en q i t ime - >bool#bool ) (s : time->bool ) . 

DBLatB.GATB d en s q = 

! titime . 

(s (t+1) ■ (BSel (en t)) ■> BS#l(d t) 1st) /\ 

(q t - (s t, s (t+1 ) ) )” 

) /; 

% 

One-bit A-clocked D-latch, no eet, with reset, with enable, 

% 


let DRBLatA_QATB ■ new.de f inition 
( ' DRELat A_OATB ' , 

"1 (d ret en q : time->bool#bool) (s : time->bool) 

DRBLatA.OATB d rst en s q * 

1 titime . 

(s (t+1) « (ASel(en t)) ((ASel(rst t)) «> F I ASel(d t)) I s t) /\ 

(q t » (s (t+1), a (t+1)))" 

) ; ; 

% 

One-bit B-c locked D-latch, no set, with reset, with enable. 
% 


let DRBLatB.OATB - new_def inition 
( ' DRBLat B.GATB ' , 

"l (d rst en q : time- > bool #bool ) (s : t ime- > bool ) 

DRB La t B.GATB d rst en s q * 

! t : time . 

(s (t+1) ■ (BSel (en t)) «> ((BSel(rst t)) ■> F I BSel(d t)) 1st) /\ 

(q t « (s t, s (t+1) ) )" 

) ;; 

% 

One-bit A-clocked D-latch, with set, no reset, with enable. 

% 


let DSBLatA.OATB - new.de t inition 
( 'DSBLatA.OATB' , 

"1 (d set en q : time- > bool #bool ) (s :time->bool) 

DSKLatA.OATS d set en s q * 

! titime . 

(s (t+1) « (ASel(en t)) *> ((ASeKset t) ) -> T I ASel(d t)) 1st) /\ 
(q t = (s (t+1), s (t+1)))" 

)>/ 

% - 

One-bit B-clocked D-latch, with set, no reset, with enable. 
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% 


lat D S E La t B_OATK « naw_daf ini t ion 
( 'DSBLatB_QATE ' , 

"! (d aat an q i tima->bool#bool ) (a itima->bool) . 

DSELatB_QATE d a at an • q ■ 

! t s tima . 

(a (t+1) ■ {BSal(an t)) *> <(BSal(aat t) ) »> T I BSal(d t) ) | a t) /\ 

(q t a {at, a (t+1) ) ) " 

);/ 

% 

Ona-bit A-clockad D-latch, with sat, with raiat, with anabla. 

% 


lat DSRELat A_OATE * naw_da f init ion 
( * DSRELat A_GATE ' , 

"! (d aat rat an q i tima->bool#bool) (a : time->bool) . 

DSRELat A_QATE d aat rat an a q > 

! tstima . 

(a (t-fl) a (ASal{an t ) ) 

■ > ((ASalfaat t) /\ -ASaKrat t)) *> T | 

( ( -ASal ( aat t } ) /\ ASaKrat t)) *> F | 

((-ASaKaat t) ) /\ -ASaKrat t) ) *> ASal(d t) | 

ARB) 

I a t) /\ 

(q t « (a (t+1) , a (t+1) ) > * 

);/ 

% 

Ona-bit B-clockad D-latch, with aat, with raaat, with a nab la . 
% 


lat DSRBLatB_OATB ■ naw_daf init ion 
( ' DSRBLatB_QATE * , 

** ! (d aat rat an q : tima->bool#bool ) (a : tima->bool ) 

DSRRLatB_OATB d aat rat an 1 q ■ 

I titima . 

(a (t+1) ■ (BSal(an t ) ) 

«> ( (BSal(aat t) f\ -BSal(rat t)) ■> T I 
( ( -BSal (aat t)) /\ BSaKrat t ) ) «> F I 
{(-BSal(aat t)) /\ -BSaKrat t) ) -> BSal(d t) I 
ARB) 

I a t) /\ 

(q t - (at, a (t+1) ) ) " 

);/ 

% 

N-bit A-clockad D-latch, no aat, no raaat, no anabla. 

% 


lat DLatNA_OATE - naw_daf init ion 
( ' DLa t NA_OATE * , 

** ! (d q x tima->wordn#wordn) (a t tina->wordn) . 

DLa t NA_OATB d a q - 
1 1 1 tima . 

(a (t+1) - ASal (d t)) /\ 

(q t « (a (t+1) , a (t+1) ) ) " 

);; 

% 

N-bit B-clockad D-latch, no aat, no raaat, no anabla* 
% 


lat DLatNB_C3ATB * naw_daf init ion 
( ' DLa t NB_OATE J , 

** S (d q t tima->wordn#wordn) (a 1 tixna->wordn) 
DLatNB_OATB d a q * 

! titima . 

(a (t+1) - BSal (d t)) /\ 

(q t - (at, a (t+1) ) ) w 

);; 
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closa_thaory ( ) / ; 


% 

Fils: ffs_daf.ml 

Author: (c) D.A. Fura 1992 

Data: 21 Saptambar 1992 


This fils contains ths ml sourcs for ths flip-flops ussd in ths gata-laval 
spscif ication of ths FTBP PIU, an ASIC dsvslopsd by ths Kmbaddad Procsssing 
Laboratory, Bosing High Tachnology Cantar. 


■% 


■at starc h p ath f ssarch pathO ® [ 1 /homs/slvis6/dfura/f tsp/piu/hol/lib/ ]);; 

sst_f lag ('timing', trus) ; / 

systam 'rm f f s_dsf . th' ; ? 

nsw_thsory ' f f »_dsf ' ; ; 

map naw_parsnt [ 'piuaux_dsf • ) ; ; 

% 

On*-bit po»itiv«-trigg*r*d flip-flop, no a*t, no no *n*bl* . 


1st DFFA_OATB ■ naw__daf initlon 
( ' DFFA_GATB ' , 

*1 (d q : t ims- >bool#bool ) (s : t ims- >bool ) 
DFFA_OATBd S q ■ 

! titims . 

(s (t+1) = BSsl (d t) ) /\ 

(q t ■ (st, s t) ) " 


On* -bit n*g«tiv*-trigg*r*d flip-flop, no »*t, no r*«*t, no anabl*. 


1st DFFB_OATH ■ nsw_dsf inition 
( 'DFFB_OATB' , 

*1 (d q 1 1 ims- > bool #bool ) (s : t ims- > bool ) 
DFFB_OATEd s q * 

1 titims . 

(s (t+1) * ASsl (d t) ) /\ 

(q t * (s t, s (t+1) ) ) w 


Ons-bit posit ivs-triggsrsd flip-flop, no sat, with rssst, no snabls. 


1st DRFFA_OATB - nsw_dsf inition 
( ' DRFFA_OATS ' , 

*1 (d rst q : t ims - >bool#bool ) (s :tims->bool) 

DRFPA_QATH d rst s q « 

! titims . 

(s (t+1) - BSsl (rst t) *> F I BSsl (d t)) /\ 
(q t * (s t, st))" 

) it 


Ons-bit nsgat ivs-triggsrsd flip-flop, no sat, with rssst, no snabls. 


1st DRFFB_0AT2 = nsw_daf inition 
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< ' DRFFB_GATB ' , 

"! (d rat q \ tima->bool#bool ) (s : tima->bool ) 

DRFFB_GATB d rat s q = 

! t : t ima . 

(0 (t+ 1 ) * ASal (rat t) s> F I ASal(d t)) f\ 

(q t ■ (»t, 0 <t+l)>)" 

)/; 

V- 

Ona-bit poaitiva-triggarad flip-flop, with aat, no raaat, no anabla. 

% 


lat DSFFA_GATE - naw_daf init ion 
( ' DSFFA_GATB ' , 

"I (d aat q t tima->bool#bool) (0 itima->bool) 

DSFFA_GATB d 00 t 0 q - 
! titima . 

(0 (t+ 1 ) * BSal(aat t) *> T I BSal(d t)) /\ 

(q t - (0 t , 0 t ) ) " 

);; 

% 

Ona-bit nagativa-triggarad flip-flop, with aat, no raaat, no anabla. 
% 


let DSFFB_GATB - naw_daf init ion 
( ' DSFFB_GATB ' , 

"! (d sat q i tima->bool#bool) (0 1 tima->bool) 

DSFFB_GATB d 00 t 0 q * 

! t : t im« . 

(s (t+ 1 ) - ASal ( aat t) => T 1 ASal (d t ) ) /\ 

(q t • (0 t, 0 (t+ 1 ) ) ) * 

>/7 

% 

Ona-bit po0itiv«- triggered flip-flop, with 00t, with raaat, no anabla. 
% 


let DRSFFA_GATB - naw_daf init ion 
( * DRSFFA_GATB ' , 

" f (d r 0 t 0«t q t tima->bool#bool) (0 t tima->bool) . 
DRSFFA_GATK drataataq* 

! t!tiA0 . 

(0 (t+ 1 ) « (BSal ( 0«t t) /\ -BSal ( r0t t)) «> 
( ( -BSal ( 00t t)) /\ bs« 1 (rat t)) 
((-BSal(aat t)) /\ -BSal (rat t)) 

ARB) /\ 

(q t * (at, 0 t) ) - 

) it 


T I 

-> F | 

«> BSal (d t) 


% 

Ona-bit nagativa-triggarad flip-flop, with aat, with raaat, no anabla. 


■% 


lat DRSFFB_GATE = naw_daf init ion 
( ' DRSFFB_GATE ' , 

M 1 (d rat 0 at q t tima->bool#bool) (0 itima->bool) . 
DRSF FB_GATB d rat aat 0 q * 

! titima * 


) /; 


(0 (t+ 1 ) - (ASal (aat t) /\ -ASal(rat t)) *> T | 

( ( -ASal ( aat t) ) /\ ASaKrat t) ) -> F | 

({-ASal (aat t ) ) /\ -ASal(rat t)) ■> BSaKd t) 
ARB) /\ 

(q t - (0 t, 0 (t+ 1 )) )" 


% 

Ona-bit posit iva-triggarad flip-flop, no sat, no rasat, with anabla. 


% 


lat DBFFA_GATB * naw_daf init ion 
( ' DEFFA_GATB ' , 
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M ! (d an q : tima->bool#bool) (a : t ima- > bool ) 

DBFFA_QATE d an a q * 

! t : tima . 

(0 (t+1) * BSal (an t) -> BSal(d t) I 0 t) /\ 

(q t - <• t, a t))" 

) ;; 

% 

Ona-bit nagativa-triggarad flip-flop, no i*t, no raaat, with anabla. 

% 


lat DBFFB_QATE * naw_daf inition 
( * DBFFB__GATB ' , 

(d an q i tima->bool#bool) {a : time->bool) . 

DEFFB_QATB d an a q * 

! t : t ima . 

(a {t+D * ASaKan t) *> ASal(d t) I a t) /\ 

(q t ■ (at, a (t+1) ) ) * 

);; 

% 

N-bit poaitiva-triggarad flip-flop, no aat, no raaat, with anabla. 


lat DBFFnA_OATB = naw_daf inition 
( ' DBFFnA_GATB ' , 

" i (d q : t ima - > wordn#wordn ) (an : tima->bool#bool) (a i tima->wordn) 

DBFFnA_OATB d an i q = 

! titima . 

(a (t+1) « BSal (an t) -> BSal(d t) lat) /\ 

(q t = (at, a t))" 

);; 

% - 

N-bit nagativa-triggarad flip-flop, no aat, no raaat, with anabla. 
% 


lat DBFFnB_OATB > naw_daf inition 
( ' DBFFnB_OATB ' , 

" ! (d q i tima->wordn#wordn) (an : t ima - >bool#bool ) (a : tima->wordn) 

DBFFnB_OATB d an a q ■ 

! titima . 

(a (t+1) * ASaKan t) *> ASal(d t) (at) /\ 

(q t = (a t, a (t+1)) )" 

);/ 

% 

Ona-bit poaitiva-triggarad flip-flop, no aat, with raaat, with anabla. 

% 


lat DRBFFA_OATB * naw_daf inition 
( ' DRBFFA_QATB ' , 

"! (d an rat q : tima->bool#bool) (a : t ima- > bool ) . 

DKBFFA_OATB d an rat a q - 
l titima . 

(a (t+1) * BSal (an t) => (BSaKrat t) »> F I BSal(d t ) ) I at) / \ 

(q t - (at, at))" 

);; 

% 

Ona-bit nagativa-triggarad flip-flop, no aat, with raaat, with anabla. 
% 


lat DREFFB.OATB « naw.daf inition 
( ' DRBFFB__QATE * , 

"l (d an rat q : tima->bool#bool) (a stima->bool) . 

DR3F FB_QATE d an rat a q * 

! titima . 

(a (t + 1) « ASaKan t) ■> (ASaKrat t) ■> F I ASal(d t)) I a t) A 
(q t - (a t, a (t+1)))" 

)il 
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% 

One-bit positive-triggered flip-flop, with set, no reset, with enable. 

% 

let DSBFFA_GATB = new_def init ion 
( ' DSBFFA_OATE ' # 

"1 (d en rst q : time->bool#bool) (s jtime->bool) . 

DSEFFA_GATB d en ret s q * 

! 1 1 1 ime . 

(s (t+1) * BSel (en t) -> (BSel(rst t) => T I BSel(d t)) I s t) A 
(qt = { s t, s t ) ) " 

);; 

% 

One-bit negative-triggered flip-flop, with set, no reset, with enable. 

% 

let DSBFFB_GATB - new_def init ion 
( ' DSEFFB_GATE ' , 

M i (d en rst q : time->bool#bool) (s jtime->bool) » 

DSEFFB_GATE d en rst s q * 

1 t s t ime . 

(s (t+1) - ASel(en t) *> (ASeKrst t) -> T I ASel(d t)) I s t) /\ 

(q t » (s t , s (t+1 ) ) ) m 

);; 

% 

One-bit positive -triggered flip-flop, with set, with reset, with enable. 


let DRSBFFA_GATE = new_def init ion 
( ' DRSBFFA_GATB ' , 

M \ (d en rst set q t time->bool#bool) (s :time->bool) . 

DRSBFFA_GATB d en rst set s q > 

1 t j time . 

(s (t+1) = BSel (en t) 

-> ((BSel (set t) f \ -BSel (rst t)) •> T ! 

( -BSel (set t) l\ BSeKrst t) ) -> F ! 

( -BSel (set t) A -BSel(rst t ) ) -> BSel(d t) | ARB) 

I s t) A 
(qt« (st, st)) w 

) ;; 

% 

One-bit negative -triggered flip-flop, with set, with reset, with enable. 

% 

let DRSRF FB_OATB * new_def init ion 
( ' DRSKFFB_GATB ' , 

*! (d en rst set q * time- > bool #bool) (s ttime->bool) . 

DRSEFFB_GATB d en rst set s q » 

! t : t ime . 

(s (t + 1) « ASeKen t) 

-> ((ASel(set t) /\ -ASel(rst t) ) o T | 

{-ASel(set t) /\ ASeKrst t) ) *> F I 

(-ASel(set t) A -ASeKrst t)) ■> ASel(d t) I ARB) 

I s t) A 

(q t ■ (s t , s (t+1) ) ) * 

)n 

close_theory ( ) ; i 


% 

Filet counters_def.ini 

Author: (c) D.A. Fura 1992-93 

Date: 4 March 1993 

This file contains the ml source for the counters used in the gate- level 
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•pacification of the FTBP PIU, an ASIC developed by tha Embedded Processing 
Laboratory, Boeing High Technology Canter. 


% 

aet_aearch_path (aaarch_path( ) 9 {' /home/ elvis6/dfura/f tep/piu/hol /lib/ # ? 

' /home/elvis6/dfura/hol/Library/toola/ ' 

]) ;; 

aet_flag ('timing', true)/; 

•yatem ' rm count ers_def . th' j ; 
new_theory ' count era_def ' ; ; 

map new_parent [ 'piuaux_def ' ; ' wordn_def ' ; 1 array_def ' / ' ineq' ] ; ; 

% 

Poaitive-triggered up-counter, no reaet. 

% 


let UpCntA_QATB * new_def inition 
( ' UpCnt A_OATB ' , 

" ! (az mum) (d q : t ime - > wordntwordn ) (Id up z : time->bool#bool) 

(a : t ime - >wor dn ) . 

UpCnt A_GATE az d Id up a q z > 

! t : time . 

(a (t+1) - (BSel ( Id t)) -> BSel (d t) | 

(BSel (up t)) -> INCN az (at) la t) /\ 

(q t - (((ASel(up t)) *> INCN az (at) I a t) , 

( (BSel (up t)) *> INCN az (at) I at))) /\ 

(z t » ( ( ASel (q t} * WORDN az 0), (BSel(q t> « WORDN az 0)))" 

)/; 

%— 

Negative -triggered up-counter, no reaet. 

- % 


let UpCnt B_QATB - new_def inition 
( ' UpCntB_GATB ' , 

"! (az tnum) (d q i time->wordn#wordn) (Id up z : time->bool#bool) 

(a : t izne - >wordn ) 

UpCnt B_OATB azdldupaqz* 

! tttime . 

(a (t+1) - (ASel (Id t)) «> ASel(d t) I 

(ASel(up t)) «> INCN az (at) | a t) /\ 

(q t - ({(ASeKup t)) «> INCN az (at) I a t) , 

( (BSel (up t)) «> INCN az (a (t+1)) | a (t+1)))) A 

(z t « ( (ASel (q t) * WORDN az 0), (BSel(q t) * WORDN az 0)))~ 

);; 

% 

Positive- triggered down-counter, no reaet. 

% 


let DownCntA_OATE * new_def inition 
( * DownCnt A_GATB ' , 

"l (az :num) (d q t time->wordn#wordn) (Id dn z t time->bool#bool) 

(a i tlme->wordn) 

DownCnt A_OATB szdlddnsqz* 

! tttime . 

(a (t+1) * (BSel (Id t) ) => BSel(d t) I 

(BSel (dn t)) ■ > DBCN az (at) la t) /\ 

(q t * ( ( (ASel (dn t)) » DBCN az (a t) | a t) , 

( (BSel (dn t)) »> DBCN az (at) I at))) A 

(z t - ( (ASel (q t) - WORDN az 0), (BSel(q t) - WORDN az 0)))" 

);; 

% 

Negative-triggered down-counter, no reaet. 

% 
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let DownCn t B_QATE = new_def ini t ion 
{ ' DownCn tB_OATB ' , 

"! (sz :num) (d q : time->wordn#wordn) (Id dn z : time->bool#bool) 

{ * x time->wordn) 

DownCntB_OATE sz d Id dn s q z = 

! tttime . 

(s (t + 1) = (AS«l(ld t)) => ASel (d t) | 

(ASel(dn t)) «:> DBCN >z (s t) Is t) /\ 

(q t = (((ASel(dn t)) *> DBCN bz (at) 1st) , 

( (BSel (dn t)) -> DBCN sz (8 (t+1) ) I • (t+1)))) /\ 

(z t = { (ASel (q t) = WORDN sz 0), (BSel(q t) * WORDN uz 0)))" 

) i i 

% 

Positive-triggered up-counter, with reset. 
% 


let UpRCnt A_OATB = new_def init Ion 
( * UpRCnt A_QATK ' , 

"l (sz mum) (d q t time->wordn#wordn) (Id up rst z : time- > bool #bool) 

(s t time->wordn) 

UpRCnt A_OATB sz d Id up rst s q z * 

! tit ime . 

(s (t+1) * (BSel (rst t ) ) => WORDN sz 0 | 

(BSel(ld t)) -> BSel (d t) I 

(BSel (up t)) «> INCN sz (s t) Is t) A 
(q t = (((ASel (up t) ) ■> INCN sz (s t) | s t) , 

( (BSel (up t)) ■> INCN sz (st) | it))) /\ 

(z t * ( (ASel (q t) - WORDN sz 0), (BSel(q t) * WORDN sz 0)))" 

);; 

% 

Negative -triggered up-counter, with reset. 

- % 


let UpRCnt B_OATE * new__def init ion 
( * UpRCntB_GATB ' , 

** ! (sz mum) (d q t time->wordn#wordn) (Id up rst z :time->bool#bool) 

(s : time->wordn) 

UpRCntB_GATB sz d Id up rst s q z ■ 

I titime . 

(s (t+1) - (ASel (rst t)) ■> WORDN sz 0 | 

(ASel (Id t ) ) *> ASel (d t) | 

(ASel (up t)) »> INCN sz (it) Is t) A 
(q t = (((ASel (up t) ) -> INCN sz (s t) | s t) , 

( (BSel (up t)) *> INCN sz (s (t+1)) I s (t+1)))) A 

(z t ■ ( (ASel (q t) « WORDN sz 0), (BSel(q t) « WORDN sz 0)))" 

);; 

% 

Positive-triggered down-counter, with reset. 

- % 


let DownRCnt A__OATB * new_def init ion 
( ' DownRCnt A_QATB ' , 

" ! (sz tnum) (d q t time->wordn#wordn) (Id dn rst z 1 1 ime->bool#bool ) 

(s : time->wordn) . 

DownRCnt A_GATK sz d Id dn rst s q z ■ 

! tttime . 

(s (t+1) - (BSel (rst t)) -> WORDN sz 0 | 

(BSel ( Id t)) -> BSel (d t) | 

(BSel(dn t ) ) •> DBCN sz (s t) | s t) A 
(q t « ( ( (ASel (dn t)) «> DBCN sz (s t) | 8 t) , 

( (BSel (dn t) ) -> DBCN sz (s t) I s t) ) ) A 

(z t = ( (ASel (q t) * WORDN sz 0) , (BSel(q t) * WORDN sz 0)))* 

)/; 

%- 

Negative -triggered down-counter, with reset. 

% 


let DownRCnt B_QATB * new_def init ion 
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( ' DownRCnt B_QATB ' , 

" ! (sz : nuxa) (d q : t ima- >wordn#wordn) (Id dn rat z : tima->bool#bool ) 

(s : t ima - > wordn ) 

DownRCnt B_(3ATB iz d Id dn rat a q z = 

! trtima . 

(a (t+1) = ( ASal (rat t)) *> WORDN az 0 | 

(ASal(ld t)) => ASal(d t) | 

(ASal (dn t) ) ■> DECK az (at) I a t) /\ 

(q t * ( ( (ASal (dn t)) -> DBCN az (at) I a t) , 

( (BSal (dn t ) ) -> DBCN az (a (t+1)) I a (t+1)))) A 

(z t - ( (ASal (q t) * WORDN az 0), (BSal(q t) « WORDN al 0)))" 

);; 

cloea_thaory( ) ; ; 


% 


Fila : datapatha_daf . ml 

Author : (c) D . A . Fura 1992-93 

Data: 4 March 1993 

Thia fila contalna tha ml aourca for tha datapath blocka of tha R-Port of tha 
FTBP PIU, an ASIC davalopad by tha Rmbaddad Procaaaing Laboratory/ Boaing High 
Technology Cantar. 

% 


,«t_aaarch_path ( aaarch_path{ ) 0 [ ' /homa/alvia6/dfura/hol/Library/aba_thaory/ # j 

' /homa/alvia 6 /dfura /hoi /Library/ toola/ ' ; 

' /home /alvla€ /dfura /ftap/piu/hol /lib/ ' 

]);/ 


aat_f lag (' timing', trua);; 
ayatam ' nn datapatha.daf ♦ th ' ; ; 
new_theory 'datapatha_def ' ; / 
loadf ' aba_theory ' ; ; 

map naw_parant [ 'piuaux_def 1 / ' array_daf 1 ; 'wordn_def ' ; ' inaq ' } ; ; 
lat RBP_ty « abs_typa_inf o (thaoram 'piuaux_daf ' 'RBP ' ) / / 

% 

Countar block uaad to build timara . 

% 


lat DP_CTR_OATB * naw_daf inition 
( ' DP_CTR_OATB ' , 

*1 (buaB_in bua A_out 1 buaA_out2 : t ima - >wordn#wordn ) 

(cir_wr c_ld cir_rd ca cin caror_ld cor_rd c_out ; t ima- > bool #bool) 
(r_ctr_in r_ctr r_ctr_new r_ctr_out t tima->wordn) 

(r_ctr_nmx_aal r_ctr_irden r_ctr_ce r_ctr_cin r_ctr_cry 
r_ctr_ordan : t ima -> bool ) 

DP_CTR_OATE buaB_in cir_wr c_ld cir_rd ca cin caror_ld cor_rd 

r_ctr_in r_ctr_mux_ael r_ctr_irdan r_ctr r_ctr_ce r_ctr_cin 
r_ctr_cry 

r_ctr_naw r_ctr_out r_ctr__orden buaA_outl buaA_out2 c_out * 

I (t rtime) . 

(r_ctr_in (t+1) - (BSel(cir_wr t)) ■> BSal(buaB_in t) | r_ctr_in t) /\ 
(r_ctr_mux_ael (t+1) ■ BSal(c_ld t)) /\ 

(r_ctr_irden (t+1) » BSal(cir_rd t ) ) A 

(r_ctr (t+1) - ( r_ctr_mux_aal t) »> r_ctr_±n t I r_ctr_new t) /\ 

(r_ctr_ca (t+1) « ASal{ca t)) /\ 

(r_ctr_cin (t+1) - ASal(cin t)) /\ 

( r_ctr_cry (t+1) - (r_ctr_ca t) /\ (r_ctr_cin t) /\ ONKS 31 (r_ctr t)) /\ 
(r_ctr_naw (t+1) « 

( (r_ctr_ca t) /\ (r_ctr_cin t)) »> INCN 31 (r_ctr t) I r_ctr t) /\ 
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(r_ctr_out (t+1) * (BSal (caror_ld t)) *> r_ctr_naw t | r_ctr_out t) /\ 
(r_ctr_ordan (t+1) * BSal(cor_rd t) ) /\ 

(buaA_outl t * 

( ( (r_ctr_irdan t) *> r_ctr_in t I ARBN}, ARBN) ) /\ 

(buaA_out2 t * 

( ( (r_ctr_ordan t) *> r_ctr_out t | ARBN) , ARBN)) /\ 

(c_out t * ( (r_ctr_cry t) , (r_ctr_cry (t+1))))" 


% 

Interrupt Control Ragiatar (ICR) block. 


■% 


lat DP_ICR_OATB * naw_daf lnit ion 
( 'DP_ICR_OATE ' , 

" J (rap t A RKP_ty) 

(buaA_in buaB_in buaA_out icr_out : t ima - > wordntwordn ) 

(icr_wr_f aadback icr_wr icr_aalact icr_ld icr_rd t tima->bool#bool) 

(r_icr_old r_icr_maak r_lcr % t ima - >wordn ) 

(r_icr_rdan ;tima->bool) 

DP_ICR_OATR rap buaA_in buaB_in icr_wr_f aadback icr_wr icr_aalact icr_ld icr_rd 
r_icr_old r_icr_maak r_icr r_icr_rdan buaA_out icr_out = 

1 ( t : t lma ) . 

(r_icr_old (t+1) « 

(BSal (icr_wr_f aadback t) ) => BSal (buaA_in t) I r_icr_old t) A 
(r_icr_maak (t+1) * 

(BSal (icr_wr t)) => BSal(buaB_in t) | r_icr_maak t) A 
(r_icr (t+1) = 

(BSal (icr_ld t) ) 

*> (ASal ( icr_aalact t)) => Andn rap (r_icr_old t, r_icr_maak t) 

I Orn rap (r_icr_old t, r_icr_maak t) 


I r_icr t) A 

(r_icr_rdan (t+1) * BSal(lcr_rd t)) A 

(buaA_out t - ( ( (r_icr_rdan t) *> r_icr t | ARBN), ARBN)) /\ 
(icr_out t * (r_icr t, r_icr (t+1)))" 


) ; ; 


Control ragiatar uaad to build Oanaral Control Ragiatar (OCR) and Communication 
Control Ragiatar (CCR) . 

- - 


lat DP_CR_GATB » naw_daf inition 
( ' DP_CR_OATB ' , 

*] (buaB_in buaA_out cr_out : t ima - >wordn#wordn ) 

( cr_wr cr_rd : tima->bool#bool ) 

( r_cr : t ima - > wordn ) 

( r_cr_rdan : t ima- > bool ) 

DP_CR_OATB buaB_in cr_wr cr_rd 
r_cr r_cr_rdan 
buaA_out cr_out * 

! ( t * t ima ) . 

(r_cr (t+1) * (BSal(cr_wr t)) => BSal(buaB_in t) | r_cr t) A 
(r_cr_rdan (t+1) * BSal(cr_rd t)) A 

(buaA_out t ■ (({r_cr_rdan t) *> r_cr t | ARBN), ARBN)) A 
(cr_out t * (r_cr t, r_cr (t+1)))" 

) i / 


% 

Statua Ragiatar Block. 


% 


lat DF_SR_OATB * naw_daf ini t ion 
( ' DP_SR_OATB * , 

* l ( lnp buaA_out i 1 ima - > wordniwordn ) 
(aror_ld ar_rd t tima->bool#bool) 
(r_ar s t ima -> wordn ) 

(r_ar_rdan ttiraa->bool) . 

DP_SR_OATR inp aror_ld ar_rd 
r_ar r_ar_rdan 
buaA_out * 

1 (t i tima) . 
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(r_ar (t+1) * (BSal ( aror_ld t)) «> BSal(inp t) | r_ar t) A 
(r_ar_rdan (t+1) » BSal(ar_rd t)) /\ 

(bu*A_out t * { ( ( r_ar_rdan t) *> r_ar t | ARBN) , ARBN) ) " 


cloaa_thaory( ) / ; 


Fila: 
Author t 
Data: 


buaa*_daf.ml 
(c) D.A. Pura 1992-93 
4 March 1993 

% 


ayatam 'rm buaae_daf . th' ; ; 


naw_thaory 'buaaa_daf ' / ; 

aat_aaarch_path (aaarch_path( ) B £ ' /homa/alvia6/dfura/f tap/piu/hol/lib/ ' ; 

/ /homa/alvia6/dfura/hol/ml/ ' ; 

' /homa/alvisfi/dfura/hol/Library/toola/ ' 

]) a 

map naw_parant [ 'piuaux_daf § ; 'array_da£ ' ; 'wordn_daf ' ; 'buan_daf ' ; ' inaq' 3 ; ; 

naw_typa_abbrav ( ' tima * x num" } ; ; 

naw_typa_abbrav ( 'worda ' ,”s num- >bool* ) ; ; 

lat Bua2n_CF * naw_daf ini t ion 
( 'Bua2n_CF ' , 

-1 (m n tnun) (InDl inD2 rbuantbuan) 

Bua2n_CF (m, n) inDl inP2 ■ 

lat offal « OFFnP (ASal inDl) (m,n) in 

lat of f a2 - OFFnP (ASal inD2 ) (m,n) in 

lat offbl ■ OFFnP (BSal inDl) (m,n) in 

lat of fb2 = OFFnP (BSal inD2 ) (m,n) in 

( ( (-offal) »> of f a2 I T) A 
( (-offbl) «> of fb2 | T ) )» 

)n 

lat Bual2n_CF * naw_daf inition 
( ' Bual2n_CF ' , 

"l (m n tnum) (inDl inD2 inD3 inD4 inD5 inD6 inD7 inD8 inD9 inDlO inDll 
inDl2 tbuantbuan) 

Bual2n_CF (m,n) inDl inD2 inD3 inD4 inD5 inD6 inD7 inD8 inD9 inDlO inDll 
inDl 2 . 


lat 

offal 

m 

OFFnP 

(ASal 

inDl) 

(m,n) 

in 

lat 

of f a2 

s 

OFFnP 

(ASal 

inD2 ) 

(m,n) 

in 

lat 

of fa3 


OFFnP 

(ASal 

inD3) 

(m,n) 

in 

lat 

of f a4 


OFFnP 

(ASal 

inD4) 

(n,n) 

in 

lat 

of f a5 


OFFnP 

(ASal 

inD5 ) 

(m, n) 

in 

lat 

of f a6 


OFFnP 

(ASal 

inD6) 

(m,n) 

in 

lat 

of f a7 


OFFnP 

(ASal 

inD7) 

(m,n) 

in 

lat 

of f a8 


OFFnP 

(ASal 

inD8) 

(m, n) 

in 

lat 

of f a9 


OFFnP 

(ASal 

inD9 ) 

(m, n) 

in 

lat 

offalO i 

i OFFnP 

(ASal inDlO) (m,: 

n) in 

lat 

of fall ■ 

• OFFnP 

(ASal inDll) (m,n) in 

lat 

of fall > 

■ OFFnP 

(ASal inD12 ) (m. 

n) in 

lat 

offbl 


OFFnP 

(BSal 

inDl) 

(m,n) 

in 

lat 

of fb2 


OFFnP 

(BSal 

inD2) 

<m,n) 

in 

lat 

of fb3 


OFFnP 

(BSal 

inD3 ) 

(m,n) 

In 

lat 

of fb4 


OFFnP 

(BSal 

inD4) 

(m,n) 

in 

lat 

offbS 


OFFnP 

(BSal 

inD5 ) 

(m,n) 

in 

lat 

of fb6 


OFFnP 

(BSal 

inD6) 

(m,n) 

in 

lat 

of fb7 


OFFnP 

(BSal 

inD7 ) 

(m,n) 

in 

lat 

offbS 


OFFnP 

(BSal 

inD8) 

(m, n) 

in 

lat 

of fb9 


OFFnP 

(BSal 

inD9 ) 

(n,n) 

in 

lat 

offblO 

- OFFnP 

(BSal inDlO) (m. 

n) in 


36 



lat of fbll * OFFnP (BSal inDll) (m,n) in 
lat of fbl2 = OFFnP (BSal inDl2 ) (m,n) in 

(((-offal) «> (of f a2 A offa3 /\ offa4 /\ offaS /\ offa6 /\ offa7 /\ 
offaB A of f a9 /V offalO /\ offall /\ offal2) I 
( -offal ) *> (of f a3 /\ offa4 /\ offaS A offa6 /\ offa7 /\ offa8 /\ 
of f a9 /\ offalO /\ offall /\ offal2) I 
{-of f a3 ) *> (of f a4 A offa5 /\ offa6 /\ offa7 /\ offaB A offa9 /\ 
offalO /\ offall A of f al2 ) I 

(-of f a4 } => (offaS /\ offa6 /\ offa7 /\ offaS /\ offa9 /\ offalO /\ 
offall /\ of f al2 ) | 

(-of f a5) *> (of f a6 /\ offa7 /\ offaB /\ offa9 A offalO A offall /\ 
offall ) { 

{-offaB) *> (of f a7 /\ offa8 /\ offa9 /\ offalO A offall /\ offal2) l 

( -of f a7 ) => (offaB /\ offa9 /\ offalO A offall A offal2) I 

( -offaB ) *> (of f a9 /\ offalO /\ offall /\ offall) I 

(-of fa9) *> (offalO A offall A offal2) I 

(-offalO) -> (offall /\ of f al2 ) I 

(-offall) => (of f al2 ) I T) /\ 

( ( -of fbl ) *> (of fb2 A of fb3 /\ offb4 A offb5 /\ offb6 /\ offb7 /\ 
offbB /\ of fb9 A offblO A offbll /\ offbl2) I 
( -of fb2 ) => (of fb3 /\ of fb4 /\ offbS /\ offb6 /\ offb7 A offbB A 
of fb9 /\ offblO /\ offbll /\ of fbl2 ) I 
( -of fb3 ) *> (of f b4 /\ of fb5 /\ offbB A offb7 /\ offbB A offb9 A 
offblO /\ offbll A of fbl2 ) | 

(-of fb4) => (of f b5 /\ of fb6 A offb7 /\ offbB /\ offb9 /\ offblO /\ 
offbll A of fbl2 ) I 

(-offbS) *> (offbB /\ of fb7 /\ offb8 /\ offb9 /\ offblO A offbll A 
of fbl2 ) I 

(-offbB) *=> (of fb7 A offbB A offb9 /\ offblO A offbll A offbl2) I 
( -of fb7 ) »> (offbB /\ of fb9 A offblO A offbll A offb!2) I 
(-offbB) *> (of fb9 /\ offblO /\ offbll A offbl2) I 
( -of fb9 ) «> (offblO /\ offbll /\ offbll ) | 

(-offblO) => (offbll /\ of fbl2 ) | 

(-offbll) => (of fb!2 ) | T))" 


lat MBRGR 2 n_OATE * naw_daf ini t ion 
( ' MBRGB2n_GATB ' , 

** ! (m n tnum) (inDl inD2 out i tima->buan#bu*n) 

MBROB 2 n_QATH (m, n) inDl inD2 out * 

Ititima. 
out t * 

( ( (Bua2n_CF (m, n) (inDl t) (inD2 t)) 

» (OMnP ( Aflal ( inDl t)} (m,n)) -> (AS«l(inDl t) ) | 

(ONnP (ASal ( inD2 t)) (m,n) ) *> (ASal(inD2 t)) I Offn 

I ARBN) , 

( (Bua2n_CF (m,n) (inDl t) (inD2 t)) 

«> (ONnP (BSal { inDl t)) (m,n)) *> (BS«l(inDl t) ) | 

(ONnP (BSal ( inD2 t)) (m,n)) -> (BSal(inD2 t) ) I Offn 

) ARBN))" 


lat JO I N2 n_OATK * naw_daf init ion 
( ' JOIN2n_OATE' , 

"1 (m n inum) (inDl inD2 : tima->buan#bu*n) (out s t ima - >wordn#wordn ) 
J0IN2n_GATB (m, n) inDl inD2 out - 
! t : tirna . 
out t * 

( ( (Bua2n_CF (m,n) (inDl t) ( inD2 t)) 

*> (ONnP (ASal (inDl t) ) (m,n) ) *> wordnVAL (ASal (inDl t)) I 

(ONnP (ASal ( inD2 t) ) (m,n)) *> wordnVAL (ASal(inD2 t) ) 

j wordnVAL (Offn) 

I ARBN) # 

( (Bu^2n_CF (m # n) (inDl t) (inD2 t) ) 

.> (ONnP (BSal ( inDl t)) (m,n)) => wordnVAL (BSal(inDl t) ) I 

(ONnP (BSal ( inD2 t)) (m f n)) *> wordnVAL (BSal(inD2 t)) 

| wordnVAL (Offn) 

| ARBN))" 


lat J0IN12n_GATK * naw_daf init ion 
( ' J0INl2n_GATB ' , 
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"! (m n tmim) (inDl inD2 inD3 inD4 inD5 inD6 inl)7 inD8 inD9 inDIO inDll 
inDl2 t tim«->bu*n#bu*n) (out t t im«->wordn#wordn) . 


JOIN12n_QATB (m,n) inDl inD2 inD3 
inDl 2 out ■ 

! 1 1 tiXM « 
out t * 

( ( (Bual2n_CF (m,n) (inDl t) 
(inD6 t) (inD7 
(inDl2 t)) 

«> (ONnP (AS«1 ( inDl t ) ) 
(ONnP ( AS«1 ( inD2 t)) 
(ONnP (AS»l(inD3 t)) 
(ONnP (AS«1 (inD4 t)) 
(ONnP (AS«1 ( inD5 t)) 
(ONnP (AS*l(inD6 t)) 
(ONnP (AS*1 ( inD7 t ) ) 
(ONnP (AS*1 < inD8 t ) ) 
(ONnP (Afl«l(inD9 t)) 
(ONnP (AS«1 (inDIO t) 
(ONnP (AS*1 (inDll t) 
(ONnP ( AS«1 ( inDl 2 t)) 

I ARBN) , 

( (Bu»12n_CF (m,n) (inDl t) 

( inD6 t ) ( inD7 

(inD12 t)) 

«> (ONnP (BS«l(inDl t)) 
(ONnP (BS*1 ( inD2 t) ) 
(ONnP (BSal (inD3 t)) 
(ONnP (BS«l(inD4 t)) 
(ONnP (BS*l(inD5 t)) 
(ONnP (BS«l(inD6 t ) ) 
(ONnP (BSwl(inD7 t)) 
(ONnP (BSwl (inD8 t)> 
(ONnP (BS«l(inD9 t)) 
(ONnP (BS«1{ inDIO t)) 
(ONnP (BS«1 ( inDll t)) 
(ONnP (BS«1 ( inDl 2 t)) 

I ARBN) ) * 

);; 

clos«_th«ory ( ) ; ; 


inD4 inDS inD6 inD7 inD8 inD9 inDIO inDll 


(inD2 t) (inD3 t) (inD4 t) (inD5 t) 
t) (inDS t) ( inD9 t) (inDIO t) (inDll t) 

(m,n)) «> wordnVAL (AS«l(inDl t) ) | 

(m,n) ) «> wordnVAL (AS«l(inD2 t) > I 
(m,n) ) -> wordnVAL (ASftl(inD3 t) ) I 
(m,n) ) «> wordnVAL (AS«l(inD4 t) ) I 
(m,n) ) *> wordnVAL (AS«l(inD5 t ) ) I 
(m,n) ) «*> wordnVAL (AS«l(inD8 t)) I 
(m,n)) ■> wordnVAL (AS«l(inD7 t)) | 

(m,n) ) »> wordnVAL (AS*l(inD8 t)) I 
(m,n)) «> wordnVAL (AS«l(inD9 t) } I 
> (m,n) ) = > wordnVAL (AS«1< inDIO t)) | 

) (m,n) ) «> wordnVAL (ASwl ( inDll t ) ) ) 
<ra,n) } m> wordnVAL (AS»l(inD12 t)) 

I wordnVAL (Ottn) 

(inD2 t) ( inD3 t) (inD4 t) (inDS t) 
t) (inDS t) (inD9 t) (inDIO t) (inDll t) 

(m,n) ) *> wordnVAL (BS«l(inDl t)) I 
(m,n) ) «> wordnVAL (BS»l(inD2 t)) ( 

(m,n) ) «> wordnVAL (BS«l(inD3 t)) I 
(m,n) ) » wordnVAL (BS«l(inD4 t)) | 

(m, n) ) *> wordnVAL (BSwKinDS t)) | 

(zn, n) ) ■> wordnVAL (BS«l(inD6 t)) I 
(m,n) ) *> wordnVAL (BS«l(inD7 t) ) I 
(m,n) ) *> wordnVAL (BS«l(inD8 t) ) I 
(m, n) ) ■> wordnVAL (BS«l(inD9 t) ) I 
(m, n) ) «> wordnVAL (BS«1 (inDIO t) ) I 
(m,n) ) => wordnVAL (BS«l(inDll t) ) I 
(m,n) ) => wordnVAL (BS«l(inD12 t)) 

I wordnVAL (Offn) 
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3 PIU Design Specification 

This section contains the HOL listings for the PIU design specification. Subsection 3.1 contains defini- 
tions used throughout the PIU specification. Subsections 3.2-3.6 contain the specifications for the P-Port, 
M-Port, R-Port, C-Port, and SU-Cont, respectively. Each of these subsections contains three theories, defin- 
ing the data stuctures, the gate-level structure, and the clock-level behavior for each of the five PIU ports. 


3.1 PlU-Applicable Definitions 

This section contains the code for the theory piuaux_def, containing several definitions used throughout 
the PIU specification. 

% 


Pile : piuaux_def . ml 

Author: (c) D.A. Pura 1992-93 

Data: 1 March 1993 

This file contains auxiliary definitions needed for the spacif ication of the 
PTEP PIU, an ASIC developed by the Embedded Processing Laboratory, Boeing 
High Technology Center. 

% 


set_flag ('timing', true)/; 

set_*earch_path (search_path ( ) 0 [ ' /home/elvisfi/dfura/f tep/piu/hol/lib/ ' ; 

' /home /elvis 6 /dfura/hol /Library /abs_theory/ ' 

]);; 


system 'rm piuaux_def . th' / / 

new_theory 'piuaux_def ' ; / 

loadf ' abs_theory ' / ; 

new_type_abbrev ( 'time ' , " : num" ) ; ; 
new_type_abbrev ( ' wordn ' , " : (num->bool) ") ; ; 

% 

Abstract data type for the SU_Cont PSM states. 


% 


let s f sm_t y _Ax i om a 

define_type * sf sm_ty_Axioxn' 

' sf sm_ty a SSTART | SRA | SPF | SCOI | SCOP | ST | SC1I | 
SC1P I S3 | SSTOF I SCS | SN ! SO';; 


let ASel a new_def inition 
( ' ASel ' , 

" !x : *#* . ASel x * PST x" 

)f / 

let BSel a new_def inition 
( ' BSel ' , 

" !x : *#* . BSel x * SND x" 

) ;; 

let sig a new_def inition 
( 'sig' , 

"sig (sel i*->**) (signal :time->*) a (\t. (sel (signal t)))" 
) ;; 


39 



(\t. ASel (sel (signal t))) 


1st asig = new.def inition 
( 'asig' , 

"asig (sal »*->**#•*) (signal :time-> # ) * 

);; 

let bsig * new.def inition 
( 'bsig' , 

"bsig (sel :*->**#**) (signal stime->*) = (\t. BSel (eel (signal t)))" 

);; 

let VDD » new_def inition 
( 'VDD' , 

"l t : time . VDD t * T, T* 

)/; 

let OND ■ new.de £ inition 

( ' OND ' , 

* ! t i time . OND t - P,F" 

);; 

let RBP.lemma = new_abstract_representation 'RBP ' 

[{'Andn', " s (wordn#wordn-> wordn) " ) ; 

( ' Orn ' , " : ( wordn#wordn- >wordn) " ) ; 

('Ham.Dec', " : { wordn->wordn) ") ; 

( 'HanUDetl' , " : ( wordn -> wordn) ") ; 

( 'Ham^Detl ' , * s (wordn#bool->bool) ") ; 

('Ham_Bnc', * : (wordn->wordn) *) ; 

('Par.Dec', " s ( wordn ->wordn) " ) ; 

('Par.Det', * s (wordn->bool) ") ; 

( ' par.Bnc ' , " : (wordn- >wordn) " ) 

];; 

let rep.ty - abs_type_info RBP.lerama; ; 
close.theory ( ) ; ; 


3.2 P-Port Definitions 

This section contains the theories paux_def, pblock_def, and pclockjdef, defining the P-Port design. 


File : paux_def . ml 

Authors (c) D.A. Fura 1992 

Dates 10 December 1992 


% 


set_flag ('timing', true);; 

■ at search, path (search, path() ® [ ' /home/elvis6/dfura/£tep/piu/hol/lib/ ' ; 

' /home/elvia6/dfura/hol/Library/work/ ' 
))// 


system 'rm p&ux.def . th' ; ; 
new_ theory 'paux.def ' ; ; 
map new_parent [ 'busn_de£ ' ] ; ; 


new.type.abbrsv 
new_type_abbrev 
new.type.abbr e v 
new_type_abbrev 


( 'time ' , 
( 'timeC' 
( ' wordn ' 
( 'busn' , 


* : num" ) ; ; 

" : num" ) ) / 
u : (num->bool) ") ; / 
" s ( num- >wire ) " ) ; ? 
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Abstract data typa for tha P-Port FSM statas. 

- % 

let pf sm_ty_Axiom * 

dafina_typa 'pf sm_ty_Axiom' 

'pfsm_ty ■ PH | PA | PD'// 

% 

Abstract data typa for tha P-Port instruction. 

% 

1st PCI * 

daf ina_typa ' PCI ' 

'PCI = PC_X'// 

% 

Abstract data typa for tha stata. 

- % 

1st pc_stata * 

dafina_typa 'pc_stata' 

'pc_stata ■ PCStata vrordn bool wordn bool pfsia_ty bool bool bool 
bool bool bool bool bool wordn bool bool bool 
bool bool bool ' / / 

1st P_addrS * naw_racuraiva_daf init ion 
falsa 
pc_stata 
' P_addrS ' 

"P_addrS (PCStata P_addr P_dastl P_ba_ P_wr P^fsnu^tata P_fsnL_rst 

P_f sm_mrqt P_fsm_sack P_fsm_cgnt_ P_f sm_crqt_ P_f sm_hold_ 

P_f sm_lock_ P_rqt P_siza p_load P_down P_lock_ p_lock_inh_ 
P_mala_ P_rala_) 

■ P_addr w / ; 

lat P_dastlS - naw_racursiva_daf init ion 

falsa 

pc_stata 
'P_dastl S' 

"P_dastlS (PCStata P_addr P_dastl P__ba_ P_wr P_fsn*_stata P_fsm_rst 

P_f sm_mrqt P__fsm_sack P_f snv_cgnt_ P_f sm_crqt_ P_f sin_hold_ 

P_f sm_lock_ P_rqt P_siza P_load P_down P_lock_ P_lock_inh_ 
P_mala_ P_rala_) 

- P_dastl"// 

lat P_ba_S - naw_racursiva_daf init ion 
falsa 
pc_stata 
' P_ba_S ' 

*P_ba_S (PCStata P_addr P_dastl P_ba_ P_wr P__fsnk_ stata P_fsin_rat 

P_f sm_mrqt p_fsm_sack P_f sm_cgnt_ P_f am_crqt_ P_f sm_hold_ 
P_fsm_lock_ P_rqt P_siza P_load P_down P_lock_ P_lock_iah_ 
P_mala_ P_rala_) 

* P_ba_" / / 

lat P_wrS m naw_racursiva_daf init ion 
falsa 
pc_stata 
'P_wrS ' 

"P_wrS (PCStata P_addr P_dastl P_ba_ P_wr P_fanL_atata p_fsm_rst 

P_f sm_mrqt P_fsm_sack P_f sm^cgnt_ P_f sm L _crqt_ P_f sm_hold_ 

P_f sm^loc>:_ P_rqt P_s iza Pload P_down P_lock_ P_lock_inh_ 
P_mala_ P_rala_) 

* P_wr" / / 

lat P_fsnustataS ■ naw_racursiva_daf init ion 
falsa 
pc_stata 
'P_fsm_stataS' 

*P_f sn*_»tataS (PCStata P_addr P_dastl P_ba_ P_wr P_fsm_stata P_fsm_rst 

P_f sm_mrqt P_f sm_sack P_f sm_cgnt_ P_f sm L _crqt_ P_f sm_hold_ 
P_fsm_lock_ P_rqt P_s iza P_load P_down P_lock_ P_lock__inh_ 
P_mala_ P_rala_) 

* P_f sm_stata"/ / 
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let P_fML-r*tS * naw_racursiva_daf inition 

falaa 

pc_stata 
'P_f sm^ratS ' 

"P_f sm_ratS (PCStata P_addr p_daatl P_ba_ P_wr P_£*W_stata P_fsxn_rst 

P_f *m_mrqt P_f »m_aack P_f •m_cgnt_ P_f am_crqt_ P_faro_hold_ 
P_f em_lock_ P_rqt P_siza P_load P_down P_lock_ P_lock_inh_ 
p_mala_ P_rala_) 

« P_f *m_r«t " ; / 

let p_f anumrqts * naw_racursiva_daf inition 
falsa 
pc_stata 
'P_£am_mrqtS ' 

-P fam.mrqts (PCStata P_addr P_daatl P_ba_ P_wr P_fsnL_stata P_fsm_rst 

P_f* m _mrqt P_f am_aack P_f sm_cgnt_ P_fam_crqt_ P_f sm_hold_ 
p_f enj i _loc)c_ F_rqt P_siza P_load P_down P_lock_ P_lock_inh_ 
P_mala_ P_rala_) 

* P_f am_mrqt " ; / 

let P_fam_**ckS * naw_racuraiva_daf inition 
f alaa 
pc_atata 
'P_f anu»ackS ' 

"P_fanu»ackS (PCStata P_addr P_daatl P_ba_ P_wr P_fsnu*tata P_fam_rst 

p_fanL_mrqt P_fam^aack P_f *m_cgnt_ P_fsm_crqt_ P_f»m_bold_ 
P_f *m_lock_ P_rqt P__»iza p_load P_down P_lock_ P_lock_inh_ 
P_mala_ P_rala_) 

* P_f snv_sack" ; ; 

let P_fanucgnt_S ■ naw_racursiva_daf inition 
falaa 
pc_atata 
x P_f am_cgnt_S ' 

-P f am L _cgnt_S (PCStata P_addr P_daatl P_ba_ F_wr P_fsnu«tata P_fanurat 

P_f am^mrqt p_f am^aack P_f am_cgnt_ P_fsm_crqt_ P_f am_hold_ 
p_f e m _lock_ P_rqt P_fiza P_load P_down P_lock_ P_lock_inh_ 
P_mala_ P_rala_) 

» P_f am_cgnt_" ; ; 

let P_f anucrqt_S * naw_ra cur a iva_daf inition 
falaa 
pc_atata 
'P fanucrqt_S f 

"P_f aa^_crqt_S (PCStata P_addr P_daatl P_ba_ P_wr P_fan*_stata P_fsn*_rat 

P_fam_mrqt P_fam^aack P_fam_cgnt_ P_fam_crqt_ P_fsnuhold_ 
P _f en^lock. P_rqt P_aiza P_load P_down P_lock_ P_lock_inh_ 
P_mala_ P_rala_) 

■ P_f am_crqt_ w ; ; 

let P_£am_hold_S * naw_racuralva_daf inition 
falaa 
pc_atata 
' P_f am_hold_S ' 

"P_f am_hold_S (PCStata P_addr P_dastl P_ba_ P_wr P_fsm_atata P_fan*_rst 

p_f emmrqt P_fam_aack P_f am_cgnt _ P_fsm_crqt_ P_fam_bold_ 
p_f em_lock_ P_rqt P_#iza P_load P_down P_lock_ p_lock_inb_ 
P_mala_ P_rala_) 
m P_f •m_hold_'' ; ; 

let P_fam_lock_S = naw_racursiva_daf inition 
falaa 
pc_atata 
# P_faBLlock_S # 

"P_f am_lock_S (PCStata P_addr P_dastl P_ba_ P_wr P_fsnv_atata P_fam_rat 

P_f en^mrqt p_fan*_sack P_f »xn_cgnt _ P_f aro_crqt_ P_fanL_bold_ 
p_f env_lock_ P_rqt P_aiza P_load P_down P_lock_ P_lock_inh_ 
P_mala_ P_rala_) 

- P_f am_lock_" ; ; 

let P_rqtS * naw_ra crura iva_daf inition 
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f Alta 

pc_etate 
'P_rqtS ' 

"P_rqts (PCStatA P_addr F_deatl P_ba_ P_wr P_f am^atate P_fenuret 

P_fam_mrqt P_fera_aack P_fam_cgnt__ P_f am_crqt_ P_f am_hold_ 
F_£am_lock_ P_rqt P_aize P_load P_down P_lock_ P_lock_inh_ 
P_male_ P__rale_) 

* P_rqt"; ; 

let P_aizeS ■ new_recuraive_def inition 
falae 
pc_atate 
'P_eizeS' 

"P_aizeS (PCState P_addr P_deatl P_be_ P_wr P_fam_atate P_fam_rat 

P_fam_mrqt P_fam_aack P_fam_cgnt_ P_f am_crqt_ P_£ara_hold_ 
P_f am_locb_ P_rqt P_aize P_load P_down P_lock_ P_lock_inh_ 
P_male_ P_rale_) 

* P_aize" / ; 

let P_loadS = new_recuraive_def ini t ion 
falae 
pc_etate 
'P_loadS ' 

"P_ loads (PCState P_addr P_deatl P_be_ P_vr P_fam_atate P_f turret 

P_f am_mrqt P_fam_aack P_fam_cgnt_ P_£am_crqt_ P_f am_hold_ 
P_f am_lock_ P_rqt P_alze P_load P_down P_lock_ P_lock_inh_ 
P_male_ P_rale_) 

* P_load" / ; 

let P_downS ■ new_recuraive_def init ion 
falae 
pc_atate 
# P_downS ' 

"P_downS (PCState P_addr P_deatl P_be_ P_wr P_fam_atate F_fam_rat 

P_fam_mrqt P_f ar\_aack P_f am_cgnt_ P_f am_crqt_ P_f am_hold_ 
P_fam_locJc_ P_rqt P_aize P_load P_down P_lock_ F_lock_inh_ 
P_mal«_ P_rale_) 

= P^down " / ) 

let P_lock_S = new_rec\ira ive_.de f iaition 
falae 
pc_atate 
' P_lock_S 1 

"P_lock_S (PCState P_addr P_deetl P_be_ P_wr P_fam_atate P_fanurat 

P_f em__mrqt P_fam L _aack P_f am_cgnt_ P_f am_crqt_ P_f am_hold_ 
P_fam_lock_ P_rqt P_aize P_load P_down F_lock_ P_lock__inh._ 
P_male_ P_rale_) 

* P_lock_" ) ; 

let P_lock_inh_S ■ new_recnraive_def iaition 
falae 
pc_atate 
' P_lock_inh_S ' 

* P_lock_inh_S (PCState P_addr P_deatl P_be_ P_wr P_f anuatate P_fam l _rat 

P_f am_narqt P_f am_aack P_f an^_cgnt_ P_f am_crqt_ P_f am_hold_ 
P_fam_lock_ P_rqt P_aize P_load P_down P_lock_ P_lock_inh_ 
P_male_ P_rale_) 

* P_lock_inh_" ? ; 

let P_male_S * new_recuraive_def inition 
falae 
pc_etate 
' P_male_S ' 

"P_male_S (PCState P_addr P_deatl P_be_ P_wr P_fam_atate P_fam_rat 

P_f am_mrqt P_fam_aack P_f am_cgnt_ P_£em_crqt_ P_f am_hold_ 
P_f am_lock_ P_rqt P_aize P_load P_down P_lock_ P_lock_inh_ 
P_male_ P_rale_) 

= P_male_" ; ; 

let P_rale_S ■ new_recuraive_def initioa 
falae 
pc_etate 
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'P_rala_S ' 

«p_ r al«_s (PCStata P_addr P_daatl P_ba__ P_wr P_fam_atata P_fam_rat 

P_f*m_mrqt P_fan_aack P_fanucgnt_ P_fam_crqt_ P_fanL.hold_ 
P_f *m^loc)c_ p_rgt P_»iza P_load P_down P_lock_ p_lock_tnh_ 
P_mala_ P_rale_) 


lat Stata_CASBS * 

pi-ova caaaa_thm (prova indue tion_ thin pc_atata) ; ; 


lat Stata_Salactora_Work * prova_thxn 
( 'Stata_Salactora_Work' , 

" ! a ipc_atata . 

a s (PCStata (P_addrS a) (P_daatlS a) (P_ba_S a) (P_wrS a) (P_fam_atataS 
(p_f ®n^_rats a) (P_f am_mrqts a) (P_f am^aackS a) (P_f anL_cgnt_S a) 

(P_f am_crqt_S a) (P_f anubold_S a) (P_f anulock.S a) (P_rqtS a) 
(p_aizaS a) (P_loadS a) (P_downS a) (P_lock_S a) ( P_lock_inh_S a) 
(P_mala_S a) (P_rala_S a))*. 


a) 


GBN_TAC 

THEN STRUCT_CASBS_TAC (SPBC "a :pc_atata w Stata_CASBS) 

THEN RBWRITB_TAC [P.addrS; P_daatlS; P_ba_Sj P_wrS; P_f sm_»tataS; P_f airk_ratS; 

P_f anL_mrqtS/ P_f anu»ackS; P_f am_cgnt_S ; P_f am_crqt_S; 

P_f anubold_S; P_f anulock.S j P_rqtS; P_aizaS; P_loadS; 
P_downS / p_lock_S; P_lock_inh_S/ P_mala_S; P_rala_S] 




% 

Abatract data typa for tha anvironroant . 


■% 


lat pc_anv * 

daf ina_typa 'pc_anv' 

'pc_*nv ■ PCKnv bool# bool wordn#wordn bool#bool bool#bool 
wordn#vordn bool#bool bool#bool wordn#wordn 
bool#bool bool#bool bool#bool';; 

lat RatB ■ naw_racuraiva_daf inition 

falaa 

pc_anv 

'RatB' 

"RatB (PCBnv Rat L_ad_in L_ada_ L_dan_ L_ba_ L_vrr L_lock_ I_ad_in 
I_cgnt_ I_hold_ I_ardy_) 

» Rat"; ; 

l#t L_ad_inB ■ naw_racuraiva_daf inition 
falaa 
pc_anv 
' L_ad_inB ' 

»L_ad_inE (PCBnv Rat L_ad_in L_ada_ L_dan_ L_ba_ L_%rr L_lock_ I_ad_in 
I_cgnt_ I_hold_ I„ardy_) 

> L_ad_in" j ; 

l#t L_ada_B * naw_racuraiva_daf inition 
falaa 
pc_anv 
' L_ada_B ' 

"L_ada_B (PCBnv Rat L_ad_in L_ada_ L_dan_ L_ba_ L_wr L_lock_ I_ad_in 
I_cgnt_ I_hold_ I_ardy_) 
b L_ada_" / ; 

l*t L_dan_B » naw_racuraiva_daf inition 
falaa 
pc_anv 
'L_dan_B' 

"L_dan_B (PCBnv Rat L_ad_in L_ada_ L_dan_ L_ba_ L_wr L_lock_ X_ad_in 
I_cgnt_ I_hold_ I_ardy_) 
b L_dan_" / / 

l»t L_ba_B * naw_racuraiva_daf inition 
falaa 
pc_anv 
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lat L_wrB * n*w_recursiv*_d*f inition 

fall* 

pc_anv 
1 L_wrE ' 

"L_wrE ( PCBnv Rat L_ad_in L_adi_ L_dan_ L_be_ L_wr L_lock_ I_ad_in 
I_cgnt_ I_hold_ I_srdy_) 

* L_wr w ; ; 

let L_locfc_B = n*w„r*cursiv*_daf inition 
falsa 
pc_anv 
' L_lock_B ' 

"L_lock_B (PCBnv Rst L_ad_in L_ads_ L_den_ L_b#_ L_wr L_lock_ I_ad_in 
I_cgnt_ I_hold_ I_srdy_) 

= L_locfc_" ; ; 

lat I_ad_inB * n*w_r#curilv#_d#f inition 
falsa 
pc_anv 
' I_ad_inE ' 

"I_ad_inE (PCBnv Rst L_ad_in L_ads_ L_dan„ L_b*_ L_wr L_lock_ I_ad_in 
I_cgnt_ I_hold_ I_srdy_) 

* I_ad_in w ; j 

lat I_cgnt_B * n*w_r*cursive_d*f inition 
falsa 
pc_anv 
' I_cgnt_B * 

"I_cgnt_E (PCBnv Rst L_ad__in L_ads_ L_dan_ L_bs_ L_wr L_lock_ I_ad_in 
I_hold_ I_srdy_) 

* I_cgnt_" ; ; 

lat I_hold_K ■ naw_racursiva_daf inition 
falsa 
pc_anv 
' I_hold_B ' 

"I_hold_E (PCBnv Rst L_ad_in L_ads__ L_d*n_ L_ba_ L_wr L_lock_ I_ad_in 
I_cgnt_ I_hold_ I_srdy_) 
m I_hold_*; / 

lat I_srdy_B = n*w_r*cursiv*_def inition 
falsa 
pc_*nv 
' I_srdy_B ' 

"I_srdy_B (PCBnv Rst L_ad_in L_ads_ L_d*n_ L_b*_ L__wr L_loc)c_ I_ad_in 
I_cgnt_ I_hold_ I_srdy_) 

* I_srdy_" ; ; 


lat Bnv_ CASES = 

prov*_cas*s_thm (prov*_induction_thm pc_anv) ; ; 


lat Bnv_Sal*ctors_Work * prov*_thm 
{ 'Bnv_S*l*ctors_Wor)c ' , 

"la: pc_anv . 

a » (PCBnv (RstB a) (L_ad_inB a) (L_ads_B a) (L_d*n_B a) (L_b*_B a) 

( L_vrrB a) (L_locA_B a) (I_ad_inB a) (I_cgnt_B a) (I_hold_B a) 

( I_s rdy_B *))", 

OBN_TAC 

THEN STRUCT_CASBS_TAC (SPEC "*tpc_*nv" Bnv„CASES) 

THEN RBWRITB_TAC [RstB/ L_ad_inB; L_ads_Bj L_d*n_B; L_b*_B; L_vrB ; L_lock_B; 
I_ad_inB / I_cgnt_B; I_hold_B; I_srdy_B) 


)/? 


V 


Abstract data typa for tha output. 


% 



lat pc_out ■ 

dafina_typa 'pc_out' 

'pc_out « PCOut busntbusn bool#bool busn#busn buantbusn 

wira#wirs wira#wire bool#bool bool#bool wira#wira 
wiratwira bool#bool booltbool * ; ; 

lat L_ad_out0 « naw_racursiva_daf inition 
falsa 
pc_out 
' L_ad_outO * 

"L_ad_outO (PCOut L_ad_out L_raady_ I_ad_out I_ba_ I_rala_ I_mala_ 

I_crqt_ I_cala_ I_mrdy_ I_last_ I_hlda_ I_loc)c_) 

* L_ad_out w ; / 

lat L_raady_0 ■ naw_racursiva_daf inition 
falsa 
pc_out 
' L_raady_0 ' 

*L_raady_0 (PCOut L_ad_out L_raady_ I_ad_out I_ba_ I_rala_ I_mala_ 

I_crqt_ I_cals_ I_mrdy_ I_last_ I_hlda_ I_locb_) 

* L_raady_"; ? 

lat I_ad_outO * naw_racursiva_daf inition 
falsa 
pc_out 
' I_ad_outO ' 

-X_ad_outO (PCOut L_ad_out L_raady_ I_ad_out I_ba_ I_rala_ I_mala_ 

I_crqt_ I_cala_ I_mrdy_ I„last_ I_hlda_ I_lock_) 

* I_ad_out";; 

lat l_ba_0 * naw_racursiva_daf inition 
falsa 
pc_out 
' l_ba_0 / 

«I_ba_0 (PCOut L_ad_out L_raady_ I_ad_out I_ba_ I_rals_ I_mala_ 

I_crqt_ I_cala_ I_mrdy_ I_last_ I_hlda_ I_lock_) 

■ I_ba_" ; ; 

lat l_rala_0 « naw_racursiva_daf inition 
falsa 
pc_out 
' I_rals_0 ' 

«I_rala_0 (PCOut L_ad_out L_raady_ I_ad_out I_ba_ I_rala_ I_mala_ 

I_crqt_ I_cala_ I_mrdy__ I_last_ I_hlda_ I_lock_) 

■ I_rala_" ; ; 

lat l_mala_0 ■ naw_racursiva__daf inition 
falsa 
pc_out 
' l_mala_0 ' 

M I_mala_0 (PCOut L_ad_out L_raady_ I_ad_out I_ba_ I_rala_ I_jnala_ 

I_crqt_ I_cala_ I_mrdy_ I_last_ I_hlda_ I_lock_) 

* I_mala_" ; ; 

lat l_crqt_0 - naw_racursiva_daf inition 
falsa 

pc _ out 
' l_crqt_0 * 

*I_crqt_0 (PCOut L_ad_out L_raady_ I_ad_out I_ba_ I_rala__ I_mala_ 

I_crqt_ I_cala_ I_mrdy_ I_last_ I_hlda_ I_lock_) 

* I_crqt_ w ; ; 

lat l_cala_0 ■ naw_racursiva_daf inition 
falsa 

pc_out 
' l_cala_0 # 

«I_cala_0 (PCOut L_ad_out L_raady_ I_ad_out I_ba_ I_rala_ I_paala_ 

I_crqt_ I_cala_ I_mrdy_ I_last_ I_hlda_ I_loc)c_) 

* I_cala _ w / i 

lat l_mrdy_0 « naw_racursiva_da£ inition 
falsa 
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pc_out 
' l_mrdy_0 ' 

"l_mrdy_0 (PCOut L_ad_out L_raady_ I_ad_out I_ba_ I_ral«_ I_mala_ 

I_crqt_ I_cala_ I_mrdy_ I_last_ I_hlda_ I_lock_) 

= I_mrdy_" ; ; 

lat l_la»t_0 = naw_racursiva_daf ini t ion 
falsa 
pc_out 
' l_last_0' 

"l_last_0 (PCOut L_ad_out L_raady_ I_ad_out I_ba_ I_rala_ I_malS_ 

I_crqt_ I_cala_ I_mrdy_ I_last_ I_hlda_ I_lock_) 

* I_last_" ; ; 

lat l_hlda_0 * naw_racursiva_daf init ion 
falsa 
pc_out 
' I_hlda_o ' 

*I_hlda_0 (PCOut L_ad_out L_raady_ I_ad_out I_ba_ I_rala_ I_mala_ 

I_crqt_ I_cala_ I_mrdy_ l_last_ I_hlda_ I_lock_) 

x I_hlda_" / / 

lat l_lock_0 * naw_racursiva_daf init ion 
falsa 
pc_out 
' l_lock_0 # 

*I_lock_0 (PCOut L_ad_out L_raady_ I_ad_out I_ba_ I_rala_ I_mala_ 

I_crqt_ I_cala_ l_mrdy_ I_last_ I_hlda_ I_lock_) 

= I_lock_" ; ; 
lat Out_CASBS x 

prova_casas_thm (prova_induction_thm pc_out } / ; 

lat Out_ Salactors_Work x prova_thm 
( 'Out_Salactors_Work ' , 

"lp:pc_out . 

p x (PCOut (L_ad_outO p) (L_raady_0 p) (I_ad_outO p) (l_ba_0 p) (l_rala_0 p) 
(l_mala_0 p) (l_crqt_0 p) (l_cala_0 p) ( l_mrdy_0 p) (l_last_0 p) 
(l_hlda_0 p) (l_lock_0 p))", 

GBN_TAC 

THEN STRUCT_CASES_TAC (SPEC "p:pc_out" Out_CASBS) 

THEN RBWRITB_TAC !L_ad_outO; L_raady_Oj I_ad_out0; l_ba_0; l_rala_0; 

l_mala_0; l_crqt_0 ; l_cala_0; l_mrdy_0; l_last_0; l_hlda_0; 
l_lock_0) 

) ;; 

closa_thaory ( ) ; ; 


% 


Fila: pblock_daf.ini 

Author: (c) D . A . Fura 1992 

Data: 18 Fabruary 1999 

This flla contains tha ml sourca for tha gata-laval spacif ication of tha PIU 
P-Port, an ASIC davalopad by tha Bmbaddad Procassing Laboratory, Boaing High 
Tachnology Cantar. 


% 


sat_saarch_path ( saarch_path ( ) 0 [ ' /homa/alvis 6 /dfura/f tap/piu/hol/pport / ' ; 

' /homa/alvi*6 /dfura/f tap/piu/hol/lib/ ' / 

' /homa/alvisfi/dfura/hol/Library/tools/ ' ; 

' /homa/alvis6/dfura/hol/ml/ ' 

3 )// 


sat_flag {' timing trua) ; ? 
systam ' rm pblock_daf . th' t j 
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naw_thaory 'pblock_daf ' ; / 
loadf ' aux_daf a ' j ; 

map naw_par*nt t 'paux_d«f ' j 'wordn_d«f ' ; 'array.daf 'ff«_d.£'i ' countar»_da* ' ] ; j 
map load_parant [ 'piuaux_da£ ' ; 'gataa_daf 1 ' i ' latchaa_da£ ' ; 'bu»a»_da£ ' 1 ; ; 


-Port data latchaa. 


% 


let Data_Latchaa_OATE » naw_daf inition 
( 'Data_Latchaa_OATE ' , 

** i (iad_in lba_in_ : t ima- >wordn#wordn} (lwr_in an_in ba_aal : tima->bool#bool) 
(addr ba_ t tima->wordn) (daatl wr : tima->bool ) 

(data_out addr_out ba_out_ : t ima - >wordn#wordn ) 

(daatl_out wr_out : t ima->bool#bool ) . 

Dat a_Lat cha a _GATB lad_in lba_in_ lwr_in an_in ba_aal 
addr daatl ba_ wr 

data_out addr_out dastl_out ba_out_ wr_out * 

! titima . 

(addr (t+1) = 

(ASal(an_in t)) *> SUBARRAY (ASal{lad_in t) ) (25,0) I addr t) /\ 

(daatl (t+1) » 

(ASal(an_in t) ) -> ELEMENT (ASal(lad_in t)) (31) I daatl t) /\ 

(ba_ (t+1) = (ASal(an_in t ) ) *> ASal { lba_in_ t) I ba_ t) A 
(wr (t+1) = (ASal (an_in t) ) -> ASal(lwr__in t) I wr t) /\ 

(data_out t * (ASal(lad_in t), ASal(lad_in t))) /\ 

(lat odl * MALTER ARBN (31,26) (ba_ (t+1)) in 
(lat od2 * ALTER odl (27) (wr (t+1)) in 
(lat od3 * ALTER odl (26) P in 

(lat od4 * HALTER od3 (25,24) (SUBARRAY (addr (t+1)) (1,0)) in 
(lat od5 - MALTER od4 (23,0) (SUBARRAY (addr (t+1)) (25,2)) in 
( addr_out t * ( od5 , od5 ))))))) / \ 

(daatl_out t * ( (daatl (t+1) ) , (daatl (t+1) ) ) ) /\ 

(ba_out_ t * ( ( (ASal (ba_aal t) ) *> ba_ (t+1) I ASal(lba_in_ t ) ) , 

( (BSal(ba_aal t)) *> ba_ (t+1) I ASal(lba_in_ t)))) /\ 
(wr_out t » (wr (t+1) , wr (t+1)))" 


% 

Input logic for P_rqt latch. 


lat Raq_Input a_OATE * naw_daf inition 
( ' Raq_Input a_<3ATE ' , 

» 1 ( l_ada_ l_dan_ raaat_rqt » t ima - >bool#bool ) 

(rgt_ins rqt_inR rqt_inE : t ima - > bool# bool ) . 

Raq_Inputa_OATE l_ada_ l_dan_ raaat_rqt rqt_inS rqt_inR rqt_inE * 
! titima . 

( rqt_inS t ■ ( ( -ASal ( l_ada_ t) A ASal(l_dan_ t) ) , 

( -BSal ( l_ada_ t) /\ BSal(l_dan_ t) ) ) ) A 
( rqt_inR t = ( ASal (raaat_rqt t) , BSal (raaat_rqt t))) /\ 
(rqt_inB t * ( (ASal (rqt_inS t) \/ ASal (rqt_inR t) ) , 

(BSal (rqt_inS t) \/ BSal(rqt_inR t)))) w 

);? 


% 

Input logic for P_aiza countar. 


lat Ctr_Logic_QATB - naw_daf inition 
( ' Ctr_Logic_OATE ' , 

*1 ( l_ad_in : t ima - > wor dntwordn ) (load_in down_in zaro_cnt : tima->bool#bool) 

(p_siza : t ima - > wordn ) (p_load p_down : t ima -> bool ) . 

Ctr_Logic_OATE l_ad_in load_in down_in zaro_cnt p_aiza p_load p_down * 

1 titima . 

(p_load (t+1) * BSal (load_in t)) /\ 

(p_down (t+1) * BSal (down_in t)) /\ 

(p_aiza (t+1) « (p_load t) 
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■> SUBARRAY (BSal ( l_ad_in t)) (1,0) I 

(p_down t) => DBCN 1 (p_aiza t) | p_aiza t) /\ 

(zaro_cnt t * 

( (p_aiza t * (p_down t) «> (WORDN 1 1) | (WORDN 10)), 

(p_aize t * (p_down t) => (WORDN 1 1) | (WORDN 1 0))))" 

) ; / 

%- 

Accumulatad random logic. 

«_ % 

lat Scat_Logic_QATE * naw_daf init ion 
( ' Scat_Logic_GATB ' , 

"! (p_addr ; t ima - > wordn#wordn ) 

(rat fam_aatata fsm_datata fam_hlda_ p_daatl p_wr p_rqt * tima->bool#bool ) 
(zaro_cnt i_ardy_ i_ad_data_out_an l_ad_out_an_ i_rala_ : tima->bool#bool ) 
(i_mala_ i_crqt_ f an^mrqt f am_rat f am_sack raaat_rqt : tima->bool#bool) 
(l_raady : tima->bool#bool ) 

Scat_Logic_GATE rat fam_aatata fam_datata f am_hlda_ p_addr p_daatl p_wr 

p_rqt zaro_cnt i_ardy_ i_ad_data_out_an l_ad_out_an_ i_rala_ 
i_mala_ i_crqt_ fam_mrqt fam_rat £am_aack raaat_rqt 
l_raady • 

! t : t iroa . 

(i_ad_data_out_an t = (ASal(p_wr t) /\ ASal ( fam_datata t)), 

(BSal(p_wr t) /\ BSal ( £am_datata t))) /\ 

( l_ad_out_an_ t = ( ( ASal ( f am_aatata t) \/ 

-ASal ( £ am„hlda_ t) \/ 

ASal ( f asLdatat* t) /\ ASal(p_wr t)) f 
(BSal ( £am_aatata t) \/ 

-BSal ( £am_hlda_ t) \/ 

BSal (fam_datata t) /\ BSal(p_wr t)))) /\ 

(i_rala_ t * ( (- ( -ASal (p_daatl t) /\ 

((SUBARRAY (ASal(p_addr t)) (23,22)) = (WORDN 13)) /\ 

(ASal (£am_aatata t)) /\ 

(ASal (p_rqt t ) ) ) ) , 

( - ( -BSal (p_daat 1 t) /\ 

((SUBARRAY (BSal(p_addr t)) (23,22)) = (WORDN 13)) A 

BSal ( £ am_aetata t) A 
BSal (p_rqt t ) ) ) ) ) A 
(i_mala_ t = ( ( - ( -ASal (p_daatl t) A 

-((SUBARRAY (ASal (p_addr t>) (23,22)) - (WORDN 13)) A 

ASal ( fam_aatata t) A 
ASal <p_rqt t ) ) ) , 

( - ( -BSal (p_daatl t) /\ 

-((SUBARRAY (BSal(p_addr t)) (23,22)) * (WORDN 13)) A 

BSal ( £am_aatata t) A 
BSal (p_rqt t) ) ) ) ) A 
(i_crqt_ t * ( (- (ASal(p_daatl t) A 
(ASal (p_rqt t) ) ) ) , 

( - (BSal (p_daatl t) /\ 

(BSal (p_rqt t ) ) ) ) ) ) A 

(£am_mrqt t » ( ( -ASal (p_daatl t) A ASal{p_rqt t)), 

( -BSal (p_daat 1 t) /\ BSal (p_rqt t)))) A 
(£am_rat t * (ASal(rat t), BSal (rat t))) /\ 

(fam_aack t = ( ( ASal ( zaro_cnt t) A -ASal ( i_ardy_ t) 

A ASal (f am_datata t) ) , 

(BSal (zaro_cnt t) A -BSal ( i_ardy_ t) 

A BSal (f am_d»tata t)))) A 
(raaat_rqt t * ((ASal(rat t) \/ ASal ( f sm_aack t)), 

(BSal(rat t) \/ BSal (f am^aack t)))) /\ 

(l_raady t ■ ( ( -ASal (i_ardy_ t) A ASal ( fam^datata t)), 

( -BSal (i_ardy_ t) A BSal ( £am_datata t))))" 

);; 

% 

Input logic for P_lock_ latch* 

% 

lat Lock_Inputa_GATB ■ naw_da£inition 
( ' Lock_Input a_OATE ' , 

"! (rat fam_datata p_mala_ p_rala_ : tima->bool#bool ) 
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M * 


(lock_inK lock_inh_inB : tima- > bool #bool) . 

Lock_Inputa_OATB rat fam^datata p_mala_ p_rala_ lock_inB lock_inh_inB = 

! 1 1 tima . 

(lock_inB t « (ASal(rat t) \/ ASal <fam_datata t)), 

(BSal (rat t) \/ BSal (f am_datata t)>) /\ 

( lock_inh_inB t * (ASal{rat t) \/ -ASal {p_mala_ t) \/ -ASal (p_rala_ t)) # 
(BSal (rat t) \/ -BSal (p_mala_ t) \/ -BSal (p_rala_ t))) w 

);; 


-Port controllar atata machina. 


lat FSM_OATB * naw_daf inition 
( ' FSM_GATB * , 

"J (rat_in mrqt_in aack_in cgnt_in_ crqt_in_ hold_in_ : t ima - >bool#bool ) 
(lock_in_ : t ima- > bool #bool) 

(atata : tima->pf am_ty) 

(rat mrqt aack cgnt_ crqt_ hold_ lock_ ttima->bool) 

(aatata_out datata_out hlda_out_ : tima- > bool #bool ) . 

FSMJ3ATB rat_in mrqt_in aack_in cgnt_in_ crqt_in_ hold_ia_ lock_in_ 
atata rat mrqt aack cgnt_ crqt_ hold_ lock_ 
aatata_out datata_out hlda_out_ = 

! t i tima . 

(atata (t+1) * 

(rat t) -> PA | 

(atata t - PH) -> ( (hold_ t) -> PA I PH) I 

(atata t * PA) = > 

( ( (mrqt t) \/ 

((-crqt_ t) /\ -cgnt_ t)) »> PD I 

( ( ( -hold.. t) /\ lock t) -> PH I PA)) I 

( (aack t /\ hold_ t) *> PA | 

(aack t A (-hold_ t) /\ -lock_ t) ■> PA I 

(aack t /\ ( -hold_ t) A lock_ t) -> PH I PD) ) A 

(rat (t+1) « BSal (rat_in t)) /\ 

(mrqt (t+1) * BSal ( mrqt _ in t) ) A 
(aack (t+1) « BSal (aack_in t)) /\ 

(cgnt_ (t+1) = BSal (cgnt_in_ t)) /\ 

(crqt_ (t+1) « BSal (crqt_in_ t)) A 
( hold_ (t+1) * BSal (hold_in_ t)) /\ 

(lock_ (t+1) - BSal (lock_in_ t)) /\ 

(aatata_out t - (atata (t+1) - PA) , (atata (t+1) « PA)) A 

(datata_out t * (atata (t+1) * PD) # (atata (t+1) « PD)) /\ 

(hlda_out_ t * {-(atata (t+1) -PH)) , (-(atata (t+1) « PH)))* 

) j; 


% 

P-Port Block. 


lat PBlock_GATE * naw_daf inition 
( ' PBlock_GATB ' , 

(a i t ima - >pc a t at a ) (a : tima->pc_anv) (p * tima->pc_out) . 

PBlock_QATB a a p - 

? (f am_aatata fam^datata rqt_ data_out_an raaat_rqt : tima->bool#bool) 
(data_out addr_out ba_out x t ima - >wordn#wordn ) 

( ad_dat a_out ad_addr_out 1 1 ima - >buan#buan ) 

(rqt_inS rqt_inR rqt_inB rqt_outQ : tima->bool#bool) 

( zaro_cnt aaro_cnt_ l_ad_out_an_ rala_ mala_ : t ima- >bool#bool ) 
(£anL_mrqt £ am^rat t am_aack l_raady i_cgnt lock_inK j t ima -> bool# bool ) 
(lock_outQ lock_inh_inB lock_inh_outQ p_mala_outQ * tima->bool#bool) 
(p_rala_outQ lock_outQ_ daatl_out wr_out 1 1 ima - >bool#bool ) . 

( Dat a_La t cha a_GATE (aig L_ad_inB a) (aig L_ba_B a) (aig L_wrB a) rqt_ 
f am_aatata (aig P_addrS a) (aig P_daatlS a) 

(aig P_ba_S a) (aig P_wrS a) data_out addr_out 
daatl_out ba_out wr_out) /\ 

(TRIBUFn_OATB data_out data_out_an ad_data_out ) /\ 

( TRIBUFn_QATB addr_out fa m_aatata ad_addr_out ) /\ 

(MBROB2n_OATB (31,0) ad_data_out ad_addr_out (aig I_ad_outO p) ) A 
( TRIBUFn_OATB ba_out (aig l_hlda_0 p) (aig l_ba_0 p) ) A 
(Raq_Inputa_OATB (aig L_ada_B a) (aig L_dan_B a) raaat_rqt rqt_inS 
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rqt_ihR rqt_inB) A 

( DSRBLatB_GATB GND rqt_inS rqt_inR rqt_inB (aig P_rqtS a) rqt_outQ) /\ 
(NOT_OATB rqt_outQ rqt_) /\ 

(Ctr_Logic_OATB (Big L_ad_inH •) rqt_ l_raady zaro_cnt (Big P_aizaS a) 
(aig P_loadS a) (aig P_downS a)) /\ 

(Scat_Logic_OATB (aig RatB •) fam_aatata fam_datata (aig l_hlda_0 p) 
addr_out daatl_out wr_out rqt_outQ zaro_cnt 
(aig I_ardy_B •} data_out_an l_ad_out_an_ rala_ mala_ 
(aig l_crqt _0 p) f am_mrqt fam_rat fam_aack raaat_rqt 
l_raady) A 

<TRIBUF_OATE rala_ (aig l_hlda_0 p) (aig l_rala_0 p) ) /\ 

(TRIBUF_GATB mala_ (aig l_hlda_0 p) (aig l_mala_0 p) ) /\ 

( TRIBUF_GATE OND (aig l_hlda_0 p) (aig l_mrdy_0 p) ) /\ 

(NOT_GATB zaro_cnt zaro_cat_) /\ 

( TRIBUF_GATE zaro_cnt_ (aig l_hlda_0 p) (aig l_laat_0 p) ) /\ 

(NOT_GATE l_raady (aig L_raady_0 p) ) A 

( DSBLatB_GATB (aig L_lock_E a) (aig RatB •) lock_inB (aig P_lock_S a) 
lock_outQ) A 

(DSBLatB_GATB (aig L_lock_B a) (aig RatB •) lock_inh_inB 
(aig P_lock_inh_S a) lock_inh_outQ) /\ 

(Lock_Inputa_GATZ (aig RatB a) fam_datata p_mala_outQ p_rala_outQ 
lock_inB lock_inh_inB) / \ 

(DELatB_GATB mala_ fam_aatata (aig P_mala_S a) p_mala_outQ) /\ 
(DELatB_OATE rala_ fam_aatata (aig P_rala_S a) p_rala_outQ) /\ 

( NOT_GATE iock_outQ lock_outQ_) /\ 

{ NAND2 OATE lock_outQ_ lock_inh_outQ (aig l_lock_0 p) ) A 
(NOT_GATE (aig I_cgnt_B a) i_cgnt) /\ 

( NAND3_OATB i_cgnt fam_aatata (aig I_hold_B •) (aig l_cala_0 p) ) /\ 
(TRINBUPn_GATB (aig I_ad_inE a) l_ad_out_an_ (aig L_ad_outO p) ) /\ 
(FSM_GATE fam_rat f am_mrqt fam^aack (aig I_cgnt_B a) (aig I_crqt_0 p) 
(aig I_hold_B a) lock_outQ (aig P_fanu»tataS a) 

(aig P_fam_ratS a) (aig P_£am_mrqtS a) (aig P_fam L _aackS a) 

(aig P_fam_cgnt_S a) (aig P_f am^crqt.S a) (aig P_fam_hold_S a) 
(aig P_fam_lock_S a) fam_**tata £am_datata (aig l_hlda_0 p))" 


lat PBlock_BXP = aava_thm 
( ' PBlock_BXP ' , 

( BBTA_RULB 

( RBWRITB_RULB [ BXPAND_LET_ROLB Dat a_Lat cha a_GATB ; Raq_Input a_C3ATB ; 

Ct r_Logic_OATB ; Scat_Logic_GATE j Lock_Input a_OATB ; FSM_OATE ; 
NOT_OATB j NAND2_OATB ; NAND3_OATB ; TRIBUP_OATH / 

TRIBUFn_GATB / TRINBOPn_GATB ; DHLat B_GATB / DSBLatB_GATB 7 
DSRBLat B_OATB / KBRGB2 n_GATB / ASa 1 7 BSa 1 / OND ; a ig ] 

( SPBC_ALL PBlock__GATB ) ) ) 

) ; ; 

cloaa_thaory ( ) ; ; 


% 


Fila: pclock_daf.ini 

Author: (c) D.A. Fur a 1992 

Data: 18 Fabruary 1992 

Thia fila containa tha ml aourca for tha clock-laval apacif ication of tha PIU 
P-Port, an ASIC davalopad by tha Bmbaddad Procaaaing Laboratory, Boaing High 
Tachnology Cantar . Tha bulk of thia coda waa tr ana lat ad from an M-languaga 
simulation program uaing a tranalator writ tan by P.J. Windlay at tha 
Univaraity of Idaho. 


% 


aat laarch path (aaarch_path ( ) © [ ' /homa/alviafi/dfura/f tap/piu/hol/lib/ ' ; 

' /homa/alvia 6 /dfura/f tap/piu/hol/pport/ * ; 
' /homa/alviafi/dfura/hol/Library /toola / ' ; 

' /homa/alvia6/dfura/hol/ml/ ' 

] ) ;; 
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system 'rm pclock_def . th / ; j 
new_theory 'pclock_def ' ; ; 
loadf ' aux_de £ s ' ; ; 

map naw parent [ ' array __def ' ; 'wordn_def ' ; 'busn_def ' ] / ; 
map load_parent [ 'piuaux_def ' ; 'paux_def ' ] ; / 

new_type_abbrev ( ' t imeC ' , " : num" ) ; ; 

% 

Next-state definition for P-Port instruction. 

% 


let PC_NSF ■ new_def inition 
( ' PC_NSF ' , 

" ! (s ipc_state) (e ipc_env) . 

PC_NSF s e * 

let new_P_f sm_state » 

( (P_f snurstS s) *> PA I 

( P_f sm_stateS s ■ PH) «> ( (P_f snuhold_S s) *> PA I PH) I 
(P_f sm_ states s * PA) ■> 

{ ( ( P_f sm_mrqtS s) \/ 

{ ( -P_f sm_crqt_S s) /\ -P_f sm_cgnt_S s ) ) «> PD 1 
( < ( -F_f sn*_bold_S s) /\ P_f sin_lock_S s) «> PH I PA)) I 
{ (P_fsnu*»<=kS m /\ P_f sm^hold_S s) ■> PA I 
(p_f sm_sackS s / \ ( -P_f sm L _hold_S s) /\ -P_f sm_lock_S s) ■> PA I 
(P_fsm_**ckS ■ A (-P_f em_hold_S s) /\ P_f siR_lock_s s) ■> PH i PD)) 
in 

let new_P_addr ■ { ( -P„rqtS s) 

«> {SUBARRAY (ASel ( L_ad_inB e) ) (25,0)) 

I P_addrS s) in 

let new_P_destl * ((-P_rqtS s) 

*> (BLRMHNT ( ASel ( L_ad_inE e) ) (31)) 

I P_destlS s) in 

let new_P_be_ * ( ( ~P_rqtS s) ■> ASel (L_be_E e) | P_be_S s) in 
let new_P_wr * ( ( -P_rqtS s) ■> ASel(L_wrB e) | P_wrS s) in 
let new_P_size = 

( { P_loadS s) •> (SUBARRAY ( BSe 1 < L_ad_inB e) ) (1,0)) I 

( { p_downS s) -> (DBCN 1 (P_sizeS s)) I P_sizeS s)) in 
let p_ale * (-BSel (L_ads_B e) /\ BSel(L_den_B e) ) in 
let p_sack * 

( (P_sizeS s « { (P_downS s) »> (WORDN 1 1) I (WORDN 10))) /\ 

-BSel ( I_srdy_B e) /\ 

(new__P_f sm_stata * PD) ) in 
let new_P__rqt * 

( (p_ale \/ BSeKRstH e) \/ p__sack) 

=> ( (p_ale /\ - (BSel (RstB e) \/ p_sack) ) => T I 
{ -p_ale /\ (BSel (RstB e) \/ p_sack) ) «> F I 
(-p_ale /\ - (BSel (RstB e) \/ p_sack) ) => F | ARB) 

I (P_rqtS s)) in 

let new_P_load * ( -new_P_rqt ) in 

let new_P_down * ( -BSel (I_srdy_B e) A (new_P__f sm_state * PD)) in 
let new_P_male_ * 

( (new_P_f sm_state ■ PA) 

*> - (-new_P_destl /\ 

(-((SUBARRAY new_P_addr (25,24)) « (WORDN 13))) A 
(new_P_f sm_state - PA) /\ 
new_P_rqt ) 
j P_male_S s) in 
let new_P_rale_ ■ 

( (new_P_f sm_state * PA) 

*> - ( -new_P_destl /\ 

((SUBARRAY new_P_addr (25,24)) « (WORDN 13)) /\ 

(new_P_f sm_state « PA) /\ 
new_P_rqt ) 

I P_rale_S s) in 
let new_P_lock_ - 

(((BSel (RstB e) ) \/ (new_P_f sn^«tate « PD)) 

«> (BSel (RstB e)) -> T I BSel (L_lock_B e) 

| P_lock_S s) in 
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let new_P_lock_inh_ = 

( ( (BSel (RetB e) ) \/ -new_P_male_ \/ -new_P_rale_) 

=> (BSel (RstB e}) = > T I BSel ( L_lock_B e) 

I P_lock_inh_S e) in 
let new_P_f enuret = BSel (RstE e) in 

let new_P_f •m_mrqt * { ~new_P_de0tl /\ new_P_rqt) in 

let new_P_f 0in_aack * p_aack in 

let new_P_f em_cgnt_ = BSel (I_cgnt_B e) in 

let new_P_f »m_crqt_ - (- (new_P_deatl f \ new_P_rqt ) } in 

let new_P_f sm_hold_ = BSel ( I_hold_E e) in 

let new_P_f «m_lock_ * new_P_lock_ in 

(PCState new_P_addr new_P_destl new_P_be_ new_P_wr new_P_f 0m_0tate 
new_P_f em_r*t new_P_f *m_mrqt new_P_f em_aack new_P_f »m_cgnt_ 
new_P_f em_crqt_ new_P_f ■m_hold_ new_P_f 0m_lock_ new_P_rqt new_P_eize 
new_P_load new_P_dovn new_P_lock_ new_P_lock_inh_ new_P_male_ 
new_P_rale_) " 

) 7 ? 

let PC_NSF_BXP - eave_tbm 

( / PC_NSF_BXP ' , 

(EXPAND_LBT_RULB ( RHWRITB_RULB [ASel;BSel] PC_NSP) ) 

) 7 7 


% 

Output definition for P-Port instruction. 


■% 


let PC_OF * new_def inition 
( ' PC_OF ' , 

" ! (0 :pc_0tate) (e :pc_env) 

PC_OF s e * 

let new_P_f sm_0tate * 

( (P_f 0 in_r 0 tS 0 ) *> PA I 

(P_f 0m_stateS a ■ PH) *> ( (P_f em_bold_S 0) ■> PA I PH) | 

(P_f em_0tateS 0 « PA) *> 

( ( (P_f 0m_mrqtS 0) \/ 

( (-P_f 0nucrqt_S 0) /\ ~P_f 0m_cgnt_S 0)) *> PD I 

( ( ( -P_f 0m w hold_S 0) /\ P_f em_loc)c_S 0) ■> PH I PA)) ( 

( (P_f 0in_*Ac)cS 0 /\ P_f sin_hold_S 0) *> PA I 
(P_fam_aackS 0 /\ (~P_f 0nubold_S 0) /\ -P_f 0ia_lock_S 0) ■> PA I 
(P_f0in_*»ckS 0 /\ (-P_f 0m_hold_S s) /\ P_f 0in_lock_S 0) => PH | PD)) 
in 

let new_P_addr ■ ((-P_rqtS 0) 

-> (SUBARRAY ( ASel ( L_ad_inE e) ) ( 25 , 0 )) 

| P_addrS 0 ) in 

let new_P_deetl x ( ( ~P_rqt S 0) 

«> (ELEMENT ( ASel ( L_ad_inB e) ) ( 31 )) 

I P_deetlS 0) in 

let new_P_be_ « ( ( ~P_rqtS 0) *> ASel(L_be_B e) | P_be_S 0) in 

let new_P_wr = ((-P_rqtS 0) *> ASel ( L_wrK e ) | P_wrS 0) in 

let new_P_eize * 

( (P_loadS a) *> (SUBARRAY (BSel ( L_ad_inB e) ) ( 1 , 0 )) j 

( (F_downS a) *> (DECN 1 (P_aizeS 0)) I P_aizeS 0)) in 
let p_ale * ( -BSel (L_ada_B e) /\ BSel(L_den_E e)) in 
let p_aack = 

((P_aizeS 0 - { (P_downS 0) *> (WORDN 1 1 ) | (WORDN 10 ))) /\ 

-BSel ( I_0rdy_E e) /\ 

( new_P_f 0m_0tate * PD) ) in 
let new_P_rqt ■ 

( (p_ale \/ BSel (RetB e) \/ p_aack) 

■ > { (p_ale /\ -(BSel (RetB e) \/ p_sack) ) *> T I 
( ~p_ale /\ (BSel (RetB e) \/ p_aack) ) => F I 
{ -p_ale /\ -(BSel (RetB e) \/ p_aack) ) -> F I ARB) 

I (P_rqts 0)) in 

let new_P_load - (-new_P_rqt) in 

let new_P_down * ( -BSel (I_0rdy_B e) /\ (new_P_f sm_state • PD)) in 
let new_P_male_ ■ 

( (new_P_f ein_0tate ■ PA) 

>> - ( -new_P_deetl /\ 

(-((SUBARRAY new_P_addr ( 25 , 24 )) - (WORDN 13 ))) /\ 

(new_P_f am_state * PA) /\ 
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naw_P_rqt ) 
j P_mala_S a) in 
lat naw_P_rala_ » 

( (naw_P_f sm_»tata * PA) 

3 > - (-nav_P_daatl /\ 

( {SUBARRAY naw_P_addr (25,24)) - (WORDN 13)) /\ 

(naw_P_f am_atata * PA) /\ 
naw_P_rqt ) 

I P_rala_S a) in 
lat naw_P_lock_ * 

( ( (BSal (R*tR a) ) \/ (naw_P_f am^atata - PD)) 

*> (BSal (RatB a)) -> T I BSal ( L_lock_B a) 

I P_lock_S s) in 
lat naw_P_loc)c_inh_ * 

(((BSal (RatB a)) \/ -naw_P_mala_ \/ ~naw_P_rala_) 

«> (BSal (RatB a)) ■> T I BSal (L_locfc_B a) 

I P_lock_inh_S a) in 
lat naw_P_f anurat - BSaKRatB a) in 

lat naw_P_f am_arqt * ( ~naw_P_daatl A naw_P_rqt ) in 

lat naw_P_f an^aack * p_aac)c in 

lat naw_P_f am_cgnt_ * BSal ( I_cgnt_B a) in 

lat nav_P_f an*_crqt_ « ( - (naw_P_daatl /\ naw_P_rqt ) ) in 

lat naw_P_f am_b©ld_ « BSal ( I_hold_B a) in 

lat naw_P_f am_lock_ ■ naw_P_lock_ in 

lat lad_an_ ■ 

( (naw_P_f an*_atata * PA) \/ 

(naw_P_f am_atata * PH) \/ 

( (naw_P_f am_atata * PD) /\ naw_P_wr) ) in 
lat L_ad_out ■ 

( ( ( -lad_an_) => BUSN (ASal (I_ad_inE a)) I Offn) , 

((-lad_an_) «> BUSN (BSal (I_ad_inE a)) 1 Offn)) in 
lat L_raady_ » ( ( - ( -ASal (I_ardy_B a) /\ (naw_P_f am_»tata * PD))), 

( - (~BSal (I_ardy_E a) /\ (naw_P_f am_atata * PD) ) ) ) in 
lat odO * ARBN in 

lat odl * (MALTBR odO (31,28) naw_P_ba_) in 

lat od2 * { ALTKR odl (27) naw_P_wr ) in 

lat od3 - (ALTKR od2 (26) F) in 

lat od4 - (MALTBR od3 (25,24) (SUBARRAY naw_P_addr (1,0))) in 

lat od5 - (MALTBR od4 (23,0) (SUBARRAY naw_P_addr (25,2))) in 

lat I_ad_out * 

( ( (naw_P_wr /\ (naw_P_f am_atata * PD)) *> BUSN ( ASa 1 ( L_ad_inE a)) I 
(naw_P__f am„atata * PA) ■> BUSN od5 I Offn), 

{ (naw_P_wr /\ (naw_P_f am^atata « PD)) «> BUSN (ASal (L_ad_inB a)) I 
(naw_P_f am_atata * PA) *> BUSN od5 | Offn) ) in 
lat I_ba_ - 

( ( (- (naw_P_f am_atata * PH) ) 

*> BUSN ( (naw_P_f an^atata * PA) *> naw_F_ba_ | ASal(L_ba_E a)) 

I Offn), 

( (- (naw_P_f an*_*tata « PH) ) 

«> BUSN ( (naw_P_faa*_atata « PA) *> naw_P_ba_ | ASal(L_ba__B a)) 

| Offn)) in 

lat rala_outA_ - ( - (-naw_P_daatl /\ 

((SUBARRAY naw_P_addr (25,24)) - (WORDN 1 3)> /\ 
(naw_P_f ■HL.atata * PA) /\ 

(P_rqts a))) in 

lat rala_outB_ » ( - (-naw_P_da»tl A 

((SUBARRAY naw_P_addr (25,24)) = (WORDN 13)) /\ 
(naw_P_f *ia_atata ■ PA) A 
naw_P_rqt ) ) in 

lat I_rala_ » ( ( ( - (naw_P_f ain_atata - PH)) ■> WIRE rala_outA_ I Z) , 

( (-(naw_P_fam^atata « PH)) «> WIRE rala_outB_ I Z)) in 

lat mala_outA_ ■ ( - ( ~naw_P_daatl / \ 

(-({SUBARRAY naw_P_addr (25,24)) * (WORDN 13))) /\ 
(naw_P_f am^atata * PA) /\ 

(P_rqtS a))) in 

lat mala_outB_ ■ ( - ( ~naw_P_daat 1 / \ 

(-((SUBARRAY naw_P_addr (25,24)) - (WORDN 13))) /\ 
(naw_P_f an,_atata • PA) A 
naw_P_rqt ) ) in 

lat I_xnala_ * ( ( ( - (naw_P_f am^atata « PH)) ■> WIRE mala_outA_ I Z) , 

( (- (naw_P_f am_atata * PH)) ■> WIRE mala_outB_ I Z) ) in 
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let I_crqt_ = 
let I_cale_ * 


let I_mrdy_ = 

let laat_out_ 
( - (P_aizeS 
let I_laat_ = 

let I_hlda_ * 
let I_lock_ * 


( (~ (new_P_deatl /\ (P_rqtS a))), 

(~ (new_P_deatl A new_P_rqt ) ) ) in 
( (~(~ASel(I_cgnt_E e) /\ 

(new_P_f am_»tate ■ PA) /\ 

ASel ( I_hold_H e) ) ) , 

( - ( -BSel (I_cgnt_E e) /\ 

(new_P_f am_atate * PA) /\ 

BSel ( I_hold_B e ) ) ) ) in 
{ ( { (~(new_P_fain_etate = PH) ) => LO | Z) ) , 

( ( <~{new_P_fam_etate * PH)) -> LO | Z) ) ) in 


• * ( ( P_downS a) ■> (WORDN 11) | (WORDN 1 0)))) in 

((( (~(new_P_f acetate = PH)) => WIRE laat_out_ I Z)), 

( ( (- (new.P_fam_atate * PH)) => WIRE laat_out_ | Z))) in 
( (~ (new_P_f am.atate = PH)) , { - (new_P_f am_atate * PH))) in 

((-{-( P_locfc_S • ) / \ ( P_loc)c_inh_S e ) ) ) , 

( - ( ~new_P_locfc_ /\ new_P_lock_inh_) ) ) in 


) ; ; 


( PCOut L_ad_out L_ready_ I_ad_out I_be_ I_rale_ I_male_ I_crqt_ locale. 
I_mrdy_ I_laat_ I_hlda_ I_lock_) * 


let PC_OF_KXP * »ave_thm 
( ' PC_OP_KXP ' , 

( EXPAND_LET_RULE (REWRITE.RULB [ASel; BSel] PC_OP) ) 

) /; 

let PC.Exec ■ new_def ini t ion 
( ' PC_Exec ' , 

"! (pci *PCI) (s : timeC ->pc_at ate ) (e : timeC->pc_env) (p i timeC->pc_out } 
(t s timeC) . 

PC.Exec pci i e p t « T" 

)/; 

let PC.PreC * new_def inition 
( ' PC_PreC ' , 

"i (pci :PCI) ( b : timeC->pc_atate) (e t timeC- >pc_env) (p : timeC->pc_out ) 
(t i timeC) . 

PC_PreC pci ■ e p t * T" 

) J ? 

let PC.PoatC m new_def inition 
( 'PC_PoatC ' , 

"! (pci :PCI) (s * timeC ->pc_at ate) (e x timeC ->pc_env) (p t timeC ->pc_out ) 
(t : timeC) . 

PC_PoatC pci s e p t ■ 

( s (t+1) - PC_NSP (* t) (e t)) /\ 

(p t - PC_OP (e t) (e t ) ) " 

);; 

let PC_Correct * new_def inition 
( 'PC.Correct ' , 

" ! (pci s PCI ) (a : timeC ->pc_atate ) (e : timeC- >pc__env) (p i timeC ->pc_out ) 
(t t timeC ) . 

PC_Correct pci a e p t * 

PC.Bxec pci a e p t A 
PC.PreC pci a e p t 

■s> 

PC_PoetC pci a e p t* 

) ;; 

let PCSet_Correct ■ new.de £ inition 
( ' PCSet.Correct ' , 

* ! (a x timeC ->pc_at ate) (e : timeC- >pc_env) (p \ t imeC - >pc_out ) 
PCSet_Correct a e p * ! (pci x PCI) ( t : timeC) . PC_Correct pci a e p t* 

);; 

let Next_State_THM * TAC_PROOF 

(([], "PCSet_Correct a e p ■■> (a (t+1) * PC_NSF (a t) (e t))") # 
RBWR.ITE_.TAC [PCSet_Correct ; PC.Correct ; PC_Bxec ; PC_PreC; PC_PoatC] 

THEN REWR I TB_T AC 

[ LBFT_IMP_FORALL_CONV 
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w (It. 

(*(t + 1) - PC_NSF(a t) (• t)) /\ 

(p t * PC_OF ( a t ) < • t))) *-> 

(a (t+1) * PC_NSF(a t)(e t))"3 

THEM SXI STS_TAC "trtime" 

THEN REWRI TE_TAC [ADD_CLAtJSBS] 

THEN STRIP_TAC 
)// 

let P_addr_ISO » eave_thm 
{ ' P_addr_ISO ' , 

(DISCH_ALL 
{ REWRI TB_RULE 

[ PC_NSF_BXP ; P_addr S ] 

(SUBS_OCCS [ ( [2 ] , UNDISCH {Next_State_THM) ) 3 

(REFL "P_addrS (a ((tttlmeC) + 1 ))"))) ) 

>// 

let P_deetl_ISO * eave_thm 
< 'P_destl_ISO' , 

( DISCH_ALL 
{ RBWRITB_RULB 

[FC_NSF_EXP/ P_deatlS3 

(SUBS_OCCS [ ( [2] , UNDISCH (Next_State_THM) ) 3 

{REFL "P_de»tlS (a ((tttlmeC) + 1))")))) 

);; 

let P_be_ISO * aave_thm 
( 'P_be_ISO', 

{DISCH_ALL 

(REWRITB_RULB 

[PC_NSF_KXP ; P_be_S J 

(SUBfl_OCCS [ ( [2 ] , UNDISCH (Next_State_THM) ) 3 

(REFL "P_be_S (a ((tttlmeC) + 1))")))) 

)U 

let P_wr_ISO * aave_thm 
{ ' P_wr_ISO ' , 

(DISCH_ALL 

(REWRITB_RULB 

[ PC_NSF_EXF ; P_wxS ] 

(SUBS_OCCS [ ( [2 ] , UNDISCH (Next_State_THM) ) ] 

(REFL "P_wrS (a ((tttlmeC) + 1))")))) 

); ; 

let P_f en^_at at e_ISO - aave_thm 
( 'p_f eia_atate_ISO # , 

(DISCH_ALL 

(RBWRITB_RULE 

[PC_NSF_EXP/ P_f am_atateS] 

(SUBS_OCCS [( [2] , UNDISCH (Next_State_THM) ) 3 

(REFL "P_fam_atateS (a ((tttlmeC) + 1 ))")))) 

);> 

let P_f am_rat_ISO - aave_th m 
( ' P_f em_rat_ISO ' , 

(DISCH_ALL 

(RBWRITE_RULB 

( PC_NSF_EXP ; P_f em_r a t S 3 

(SUBS_OCCS [( [2J , UNDISCH (Next_State_THM) ) 3 

(REFL "P_f am_ratS (a ((tttlmeC) + 1))")))) 

);; 

let P_f am_mrqt_ISO ■ aave_thm 
( ' P_f am^mrcit_ISO ' , 

(DISCH_ALL 
( REWRI TB_RULB 

[PC_NSF_KXP ; P_f am_mrqt S 3 

( SUBS_OCCS [ ( [2 ] , UNDISCH (Next_State_THM) ) 3 

(REFL *P_f am_mrqtS (a ((tttlmeC) ♦ 1))")))) 

);; 
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let P_f am_aac)c_ISO = aave_thm 
( ' P_f am_aack_ISO ' , 

(DISCH_ALL 

(RBWRITB_RULB 

[PC_NSF_BXP; P_f em_eackS] 

(SUBS_OCCS [ ( [2] f UNDISCH (Next_State_THM) ) ] 

(RBFL "P_f am_sackS (a ((t:timeC> + 1))")))) 

) ;; 

let P_f am_cgnt_ISO * aave_thm 
( ' P_f am_cgnt_ISO * , 

(DISCH_ALL 

(RBWRITB_RULB 

[PC_NSF_KXP; P_f •m_cgnt_S] 

(SUBS_OCCS [ ( [2] , UNDISCH (Next_State_THM) ) J 

(RBFL "P_f am_cgnt_S (a ((tttimeC) + 1))")))) 

)/; 

let P_f anv_crqt_ISO = aave_thm 
( 'P_f am_crqt_ISO' , 

(DISCH_ALL 

<RBWRITB_RULE 

[ PC_NSF_BXP ; P_f em_crqt_S ] 

( SUBS_OCCS c ( [2 J , UNDISCH ( Naxt_State_THM J ) ] 

(RBFL "P_f «m_crqt_S (a {(tttiraeC) + 1) )")))) 

) ;; 

let P_f am_hold_ISO = aav#_thm 
( ' P_f anL_hold_ISO ' , 

(DISCH_ALL 
( RBWR I TB_RU LB 

[PC_NSF_BXP; P_f am_hold_S] 

(SUBS_OCCS [ ( [2] , UNDISCH (Next_State_THM) ) ] 

(RBFL "P_f ■m_hold_S (a ((titlmeC) + 1) )")))) 

) ; ; 

let P_f am^loc^ISO * aave_thm 
( ' P_f an*_lock_ISO ' # 

(DISCH_ALL 
( RBWRITE_RULB 

[ PC_NSF_KXP ; P_f am_lock_S ] 

( SUBS_OCCS [ ( [ 2 ] , UNDISCH ( Next_S t a t e_THM ) ) ] 

(RBFL "P_fei*_lock_S (« ((t:timeC) + 1) )"}))) 

);; 

let P_rqt_ISO ■ aave_thm 
( ' P_rqt_ISO ' , 

(DISCH_ALL 

(RBWRITB_RULB 

[PC_NSF_KXP; P_rqtS] 

(SUBS_OCCS [ ( [2] , UNDISCH ( Next_State_THM) ) 1 

(RBFL w P_rqtS (a ((titlmeC) + 1))"))}) 

) ;; 

let P_aize_ISO ■ aave_thm 
( 'P_aiz#_ISO' , 

(DISCH_ALL 

(RBWRITB.RULB 

[ PC_NSF_KXP ; P_a iz eS ] 

(SUBS_OCCS [ ( (2] , UNDISCH (Next_State_THM) ) ] 

(RBFL "P_aizeS (a ((trtlmeC) + X ))"))) ) 

);/ 

let P_load_ISO * aave_thm 
( ' P_load_ISO ' , 

(DISCH_ALL 

(RBWRITB_RULB 

[PC_NSF_KXP? P_loadS] 

(SUBS_OCCS [ ( [2] g UNDISCH (Next_State_THM) ) ] 

(RBFL -P_loadS (a ((titimeC) + 1))")))) 

)/> 
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let P_down__ISO = •av«_thm 
( ' P_down_ISO ' , 

(DISCH_ALL 

(RSWRITB_RULB 

[ PC_NSF_EXP ; P_downS J 

(SUBS_OCCS [ { [2 ] , UNDISCH (Naxt_State_THM) ) ] 

(REFL "P_downS (s ((titimeC) + 1))")))) 

) ; ? 

lat P__lock_ISO - 0 ave_thm 
{ ' P_lock_ISO ' , 

(DISCH_ALL 

(RBWRITB_RULB 

[PC_NSF_EXP t P_lock_S ] 

(SUBS_OCCS [ ( [23 , UNDISCH (Naxt_Stata_THM) ) ] 

(RSFL "P_lock_S (« ( (t : timeC} ♦ 1))")))) 

) 7 / 

let P_lock_inh_ISO « aave_thm 
( ' P_loc3c_inh_ISO ' , 

(DISCH_ALL 

(RBWRITB_RULB 

[PC_NSF_EXP/ P_lock_inh_S ] 

(SUBS_OCCS [ ( [2] , UNDISCH (Next_State_THM) ) ] 

(RSFL "P_lock_inh_S (• ((tt timeC) + 1) )")))) 

);/ 

let P_mala_ISO * 0 ave_thm 
( ' P_male_ISO ' , 

(DISCH __ALL 
( RBWRITB_RULB 

[PC_NSF_EXP 7 P_male_S 3 

{SUBS_OCCS [ ( [2] t UNDISCH (Next_State_THM) ) ) 

(RSFL "P_male_S (0 ((t:tiineC) + 1) )")))) 

) ; ; 

let P_rale_ISO * eave_thra 
( ' P_rale_ISO ' , 

(DISCH_ALL 

(REWRITE_RULE 

[PC_NSF_SXP ; P_rale_S3 

(SUBS_OCCS [ ( [2] , UNDISCH (Next_State_THM) ) ] 

(RSFL *P_rale_S (a ((tstixneC) + 1 >)")>) ) 

);/ 

let OutJTHM • TAC__PROOF 

(([}, *PCSet_Correct e e p »»> (p t « PC_OF (»t) (e t))"), 

RBWRITB_TAC [PCSet_Correct ; PC_Correct ; PC_Bxec ; PC_PreC ; PC_Po0tC3 
THEN RHWRITB_TAC 

[LEFT_ IMP_F ORAL L_CONV 
»( !t . 

(• (t + 1) - PC_NSF ( • t ) (e t) ) A 
(p t = PC_OF ( 0 t) (e t ) ) ) ««> 

(p t * PC_OF ( 0 t) (e t) ) *3 
THEN BXISTS_TAC "t : time" 

THEN REWRITR_TAC (ADD_CLAUSKS ] 

THEN STRIP_TAC 
) 7 7 

let L_ad_out_ISO ■ 0 ave_thja 
( ' L_ad_out_ISO ' , 

(DISCH ^ALL 
(REWRITB_RULE 

[PC_OF_EXP ; L_ad_out03 

(SUBS_OCCS [( [23 , UNDISCH (Out_THM) ) ] (REEL w L_ad_outO (p ( t i timeC) ) w ) } ) ) 

);; 

let L_ready_ISO * eave_thm 
( ' L_ready_ISO ' , 

(DISCH_ALL 

(RSWRITE_RULB 

[ PC_OF_EXP ; L_ready_G 3 
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(SUBS_OCCS [( [2] , UNDISCH (Out_THM) ) ] (RBFL "L_ready_Q (p ( t ; t imeC ) ) w ) ) ) ) 


);; 

let I_ad_out_ISO = save_thxn 
{ # I_ad_out_ISO ' , 

(DZSCH_ALL 

(RBWRITB_RULB 

[PC_OF_KXP; I_ad_outO] 

(SUBS_OCCS [ ( [2] ,UNDISCH (Out_THM) ) ] ( RBFL "I_ad_outO (p (t : timeC) ) » ) ) ) ) 

) /; 

let I_be_ISO * save_thm 
( ' I_be__ISO ' , 

(DISCH_ALL 

(RKWRITB_RULB 

[PC_OF_KXP; l_be_0] 

(SUBS_OCCS [ ( [2] ,UNDISCH (Out_THM) ) ] (RBFL *I_be_0 (p (t :timeC) ) w ) ) ) ) 

) ; ; 

let I_rale_ISO ■ save_thm 
( ' I_rale_ISO ' , 

(DISCH_ALL 

(RSWRITE_RULK 

[ PC_OF_KXP / I_r al e_0 ] 

(SUBS^OCCS [ ( [2] ,0NDISCH (Out_THM) ) ] (RBFL "l_rale_0 (p (t :timeC) ) ") ) ) ) 

)77 

let I_male_ISO - aave_thm 
( ' I_male_ISO ' , 

<DISCH_ALL 
( RBWRITB_RULB 

[ PC_OP_KXP ; l_male_0 ] 

(SUBS_OCCS [ ( [2 ] , UNDISCH (Out_THM) ) ] (RBFL "l_male_0 (p (t : timeC ))"))) ) 

) 7 7 

let I_crqt_ISO = »ave_thm 
( ' I_crqt_ISO ' , 

<DISCH_ALL 

(RBWRITB„RULB 

[PC_OF_BXP / l_crqt_0] 

(StJBS_OCC 3 [( [2J , UNDISCH (Out_THM) ) ] (RBFL "l_crqt_0 (p (t :t±meC) ) ») ) ) ) 

) 7 7 

let I_cale_ISO * eava_thm 
( ' I_cale_ISO ' , 

( DISCH_ALL 
(RBWRITB_RULB 

[ PC_OF_BXP 7 I_C al e_0 ] 

(SUBS_OCCS [( [2] , UNDISCH (Out_THM) ) ] (RBFL *I_cale_0 (p (t :timeC) ) ") ) ) ) 

>77 

let I_mrdy_ISO ■ ■ave_thm 
( ' I_mrdy_ISO ' , 

( DISCH_ALL 
( RBWRITB_RULB 

[PC_OF_KXP; l_mrdy_0] 

(SUBS.OCCS [ ( [2 ] , UNDISCH (Out_THM) ) 3 (RBFL *I_mrdy_0 (p ( t : timeC) ) w ))) } 

>77 

let I_laet_ISO ■ save_thm 
( 'I_laet_ISO ' t 
( DISCH_ALL 
(RBWRITB_RULB 

[PC_OF_KXP; l_la«t_0] 

(SUBS_OCCS [( [2] , UNDISCH ( Out_THM) ) ] (RBFL "I_laBt_0 (p ( t : timeC) )"))) ) 

>77 

let I_hlda_ISO = eave_thm 
( ' I_hlda_ISO ' , 

( DISCH_XLL 
(RBWRITB_RULB 

[ PC_OF_KXP 7 l_hlda_0 ] 
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(SUBS_OCCS [( [2 ], UNDISCH (Out_THM) ) ] (RBFL "l_hlda_0 (p (t i timaC) ) ") ) ) ) 

);; 

lat I_lock_ISO - aava_thm 
( 'I_loc)c_ISO' , 

(DISC8_ALL 

(RBWRITH_RULB 

EPC_OF_RXP ; l_lock_0 ] 

( SUBS_OCCS [( [2 ], UNDISCH (Out_THM))] (RBFL "l_lock_0 (p (t r timaC) ) ") ) ) ) 

)?; 

cloaa_thaory ( ) j / 


3,3 M-Port Definitions 

This section contains the theories mauxjdef y mblock_def y and mclock_def defining the M-Port design. 


% 

Fila: maux_daf.ml 

Author: (c) D . A. Fura 1992-93 

Data: 15 January 1993 

% 

aat_flag ('timing', trua) ; ; 

aat_aaarch_path (aaarch_path( ) [ ' /homa/alvia6/dfura/ftap/piu/hol/lib/ ' j 

' /homa/alvie6/dfura/hol/Library/toola/ ' 

3)/ J 

ayatam ' rm maux_d af . th ' ; / 
naw_thaory 'maux_daf ' ; ; 

map naw_jparant [ 'buan_daf ' / ' laaa_aq' ] ; ; 

naw_typa_abbrav { ' tima ’ , " : nun" ) ? / 
naw_typa__abbrav ( 'wordn ' , M : ( num- >bool ) ") / ; 
naw_typa_abbrav ( ' buan ' , * : { num- >wira ) " ) ? / 

% 

Abatract data typa for tha M-Port FSM atataa. 

% 


lat mf •m_ty_Axiom • 

dafina_typa 'mf anuty_Axiom' 

'mfanuty ■ MX I NA 1 MVT | MRR I MR I MBW' ; ; 


% 

Abatract data typa for tha M-Port inatruction. 


% 


lat MCI - 

dafina_typa 'MCI' 

'MCI * MC_X ' ; ; 


% 

Abatract data typa for tha atata. 


% 


lat mc_atata ■ 

dafina_typa 'mc_atata' 

'mc_atata ■ MCStata mfan^_ty bool bool bool bool bool bool bool bool 
bool bool wordn wordn wordn bool bool bool 
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wordn wordn' ; ; 


lat M_£sm_stataS * naw_racursiva_daf inition 
falsa 
mc_stata 
'M_f am_stataS 1 

"M_f s»_stataS (MCStata M_fsm_atata M_f sm_mala_ M_fsnv_rd M_f am_bw M_f sm_ww 
M_f am_laat_ M_f am_mrdy_ M_f am_zaro_cnt M_f ara_ret M_sa M_wr 
M_addr M_ba M_ count M_rdy M_wwdal M_parity M_rd_data M__datact ) 

= M_f snu^tata"/ ; 

lat M_f sa*_mala_S ■ naw_racursiva_da£ inition 
falsa 
mc_stata 
'M_f sm_mala_S ' 

"M_f sm_mala_S (MCStata M_fsm_atate M_fsm_mala_ M.fam^rd M_fsm_bw M_f sm_ww 
M_fsm_last_ M_fsm_mrdy_ M_f sm_zaro_cnt M_fsn^_rst M_sa M_wr 
M_addr M_ba M_count M_rdy M_wwdal M_parity M_rd_data M_datact) 

= M_f am_mala_" ; ; 

lat M_fsi^_rdS * naw_racursiva_daf inition 
falsa 
mc_stata 
' M_f sm_rdS # 

"M_f sm_rdS (MCStata M_fsm,_*tata M_f sm_mala_ M_fsm^rd M_fsin_bw M_fsm_ww 

M_fsm^last_ M_fam_mrdy_ M_f sm_z aro_.cn t M_fsm_rst M_sa M_wr 
M_addr M_ba M_count M_rdy M_wwdal M_parity M_rd_data M_datact ) 

= M_fsm_rd*;/ 

lat M_fsnubwS = naw_racursiva_daf inition 
falsa 
mc_stata 
' M_f snv_bwS * 

"M_fsm_bwS (MCStata M_f sm^stata M_£snL_mala_ M_fsm_rd M_fsirL_bw M_f sm_ww 

M_f am_laat_ M f sm_mrdy_ M_f am__zaro_cnt M_f am_rst M_sa M_wr 
M_addr M_ba M_count M_rdy M_wwdal M parity M_rd_data M_datact ) 

- M_fam_bw"; ; 

lat M_fsnv_wwS ■ naw_racursiva_daf inition 
falsa 
mc_stata 
' M_f sslwvS ' 

"M_fsm_wwS (MCStata M__fam_stata M_fsm^mala_ M_fsm t _rd M_fsm_bw M_f sm_ww 

M_fsnula»t_ M_£am_mrdy_ M_f snuzaro_cnt M_£szn_rst M_sa M_wr 
M_addr M_ba M_ count M_rdy M_wwdal M_parity M_rd_data M_datact) 

« M_f sblww"/ / 


lat M_£sia_last_S ■ naw_racuraiva_daf inition 
falsa 
mc_stata 
' M_f sm_las t_S ' 

*M_£ sm_la» t_S (MCStata M_f am_atata M_f sm_znala_ M_fsm_rd M_f sm_bw M_f sm_ww 
M_fsm_last_ M_fsm_mrdy_ M_f sm_zaro_cnt M_fsm_rst M_sa M__wr 
M_addr M_ba M_ count M_rdy M_wwdal M_parity M_rd_data M_datact ) 


M_f snL_last_ 


r ; ; 


lat M_ f s m_mr dy _S * naw_racur*iva_daf inition 
falsa 
mc.stata 
'M_f ■m_mrdy_S ' 

*M_f am L _mrdy_S (MCStata M_f am_atata M_f am_mala_ M_f am_rd M_f sxa_bw M_fsm_ww 
M_f»m_laat_ M_f am_mrdy_ M_f *m_zaro_cnt M_fsm_rst M_sa M_wr 
M_addr M_ba M_count M_rdy M_wwdal M_parity M_rd_data M_datact) 
» M_f am_mrdy_" / ; 


lat M_f sm_zaro_cntS * naw_ra curs iva_daf inition 
falsa 
mc_«tata 

'M_f sm_zaro_cntS ' 

"M_f sm^zaro_cntS (MCStata M_f am_stata M_f anumala_ M_f sm_rd M_f sm_bw M_fsm_ww 
M_fsnulast_ M_f am_mrdy_ M_f snt_*aro_cnt M_fsm k _rst M_sa M_wr 
M_addr M_ba M_count M_rdy M_wwdal M_parity M_rd_data M_datact) 
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M_f »m_ztro_cnt * ? ; 


let M_fsm_ratS * naw_racuraiva_daf inition 
falsa 
mc_stata 
'M_f sn*_rstS ' 

*M_f sxa_rstS (MCStata M_fsnu*tata H_£»m L _mala_ M_fsm_rd M_f am_bw M_f •m_ww 

M_fsm_last_ M_£ am_mrdy_ M_f an*_zaro_cnt M_fsnt_rst M_sa M_wr 
M_addr M_ba M_count M_rdy M_wwdal M_parity M_rd_data M_datact) 

s M_f *m_rs t " / / 

let M_saS * naw_racuraiva_daf inition 

falsa 
mc_stata 
'M_saS ' 

»M_aaS (MCStata M_f »n\_»tata M_f «ir^mala_ M_f »m_rd M_f«n_bw M_f am^ww 

M_f *m_last_ M_f »m_mrdy_ M_f sm l _zaro_cnt M_£sBL_r#t M_sa M_wr 
M_addr M_ba M_ count M_rdy M_wwdal M_parity M_rd_data M_datact) 

= M_ia" ; ; 

lat M_wrS * naw_racuraiva_daf inition 
falsa 
racist at a 
'M_wrS ' 

"M_wrS (MCStata M_fsm_stata M_£snL_mala_ M_fsnu*d M_fsm_bw M_fsnL_ww 

M_fsm_last_ M_f *m_mrdy_ M_f sm_zaro_cnt M_£sn*_rst M_sa M_wr 
M_addr M_ba M_ count M„rdy M_wwdal M_parity M_rd_data M_datact ) 

a M_wr"; ; 

lat M_addrS a naw_racursiva_daf inition 

falsa 

mc_stata 
'M_addrS ' 

4r M_addrS (MCStata M_fsnu»tata M^fsnusiala^ M_fsm_rd M_fsnL_bw M_f sm_ww 

M_f sm_laat„ M_£sm_mrdy_ M_f snu*«ro_cnt M_fsin_rst M_sa M_wr 
M_addr M_ba M_count M_rdy M_wwdal M_parity M_rd_data M_datact) 

» M_addr" ; ; 

lat M_baS * naw_racursiva_daf inition 
falsa 
mc_stata 

t J3 # g t 

"M_baS (MCStata M_fsm_stata M_f sm^mala_ M_fsw_rd M_fsn^_bw M__ fsi*__ww 

M_f snv_last_ M_£»m_mrdy_ M„f sm_*«ro_cnt M_fsm_rst M_aa M_wr 
M_addr M_ba M_count M_rdy M_wwda 1 M_parity M_rd_data M_datact) 

a M_ba"; / 

lat M_countS * naw__racursiva_daf inition 
falsa 
mc_stata 
'M_countS' 

4# M_countS (MCStata M_f »m_»tata M_fsm_mala_ M_fsm_rd M_f sm_bw M_f sm_ww 

M_f sm_last_ H_fsBL.mrdy_ M_f sm^zaro_ent M_fsnt_rst M_»a M_wr 
M_addr M_ba M_ count M_rdy M_wwdal M_parity M_rd_data M_datact ) 

a M_count" / ; 

lat M_rdyS = naw_racursiva_daf inition 
falsa 
mc_stata 
' M_rdyS 1 

w M_rdyS (MCStata M_fsm_stata M_fsn L .mal«_ M_fsm_rd M_f sbUw M_f »m_ww 

M_fsm^la*t_ M_f s»_mrdy_ M_f sm_zaro_cnt M_fsnL.rst M_sa M_*rr 
M_addr M_ba M_ count M_rdy M_wwdal M_parity M_rd_data M_datact) 

- M_rdy w / ; 

lat M_wwdalS = naw_racursiva_daf inition 
falsa 
mc_stata 
'M_wwdalS ' 

"M_wdtlS (MCStata M_fanuatata M_£am_mala_ M_fsm_rd M_fsm_bw M_fsnL_ww 

M_fsin_last_ M_fsm_mrdy_ M_f sn*_*«o_cnt M_fsm_rst M_sa M_vr 
M_addr M_ba M_ count M_rdy M_wwdal M_parity M_rd_data M_datact) 
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= M_wwdal" / ; 


lat M_parityS = naw_racursiva_daf inition 
falsa 
mc_stata 
'M_parityS ' 

*M_parityS (MCStata M_fsm^»tata M_fsm_mala_ M_fsm_rd M_fsnL_bw M_fsm L _ww 

M_fsm_mrdy_ M_f »BLi*ro_cnt M_fsm^rst M_aa M_vrr 
M_addr M_ba M_ count M_rdy M_wwdal M_parity M_rd_data M_datact) 

= M_parity" ; / 

lat M_rd_dataS * naw_racuraiva_daf inition 
falsa 
mc_stata 
'M_rd_dataS ' 

"M_rd_dataS (MCStata M_fanu*tata M_f snL_mala_ M_f sm_rd M_fsm_bw M_f sm_ww 

M_f *xn_la»t_ M_f •m_mrdy_ M_f sm_zaro_cnt M_f sm_rst M_sa M_wr 
M_addr M_ba M_count M_rdy M_wwdal M_parity M_rd_data M_datact) 

* M_rd_data";; 

lat M_datactS * naw_racursiva_daf inition 
falsa 
mc_stata 
'M_da tacts ' 

"M_datactS (MCStata M_fsm^*tata M_f sm_mala_ M_fsia_rd M_fsxn_bw M_fsnL_ww 

M_fsm_last_ M_fsm L _mrdy_ M_f sm_zaro_cnt M_fsm_rst M_sa M_wr 
M_addr M_ba M_ count M_rdy M_wwda 1 M_parity M_rd_data M_datact) 

» M_datact"/; 
lat Stata.CASBS » 

prova_casas_thm (prova_ indue tion_thm mc_stata) ; ; 

lat Stata_Salactors_Work = prova^thm 
( 'Stata_Salactors_Work ' , 

"I s:mc_stata . 

s * (MCStata (M_f sm_stataS s) (M_f sm_mala_S s) (M_f sm_rdS s) (M_fsm_bwS s) 
(M_f sm_wwS s) (M_f sn l _last_S s) (M_f sm_mrdy_S s) 

(M_f sm_zaro_cntS ■) (M_fsm L _rstS s) (M_saS s) (M_wrS s) 

(M_addrS s) (M_baS s) (M_countS s) (M_rdyS s) (M_wwdalS s) 
(M_paritys s) (M_rd_dataS s) (M_datactS s))", 

QBN_TAC 

THEN STRUCT_CASBS_TAC (SPEC “i jmc.stata" Stata_CASBS) 

THEN FBWRITB_TAC [M_f anu*tataS; M_f sm_mala_S; M_f sm_rdSj M_f snL_bwS/ 

M_fsnLWwS; M_f sn*_last_S? M_f sm_mrdy_S ; M_f sm_*«ro_cntS; 
M_fsnL.rstS; M_saS; M__vrS ; M_addrS ; M_baS; M_countS ; 

M_rdyS; M_wwdalS; M_parityS; M_rd_dataS; M_datactS] 

) ;; 


% 

Abstract data typa for tha anvironmant 


% 


lat mc_anv * 

da f ina_t ypa ' mc_anv ' 

'mc_anv = MCRnv bool# bool booltbool bool#bool wordntwordn 
bool# bool bool#bool bool# bool bool# bool 

bool# bool wordntwordn bool# bool wordntwordn bool# bool 

booltbool ' ; ; 

lat RstB * naw_racursiva_daf inition 

falsa 

mc_anv 

'RstB' 

"RstB ( MCEnv Rst Disabla_aaprom Disabla_writas I_ad_in I_mala_ 

I_rala_ I_cala_ I_hlda_ I_last_ I_ba_ I_mrdy_ MB_data_in 
Bdac_an_ Raaat_parity) 

■ Rst";; 

lat Disabla_aapromE * naw_racursiva_daf inition 
falsa 
mc_anv 

'Disabla_aapromB ' 


63 



"Disabla_aapromB (MCBnv Rst Disabla_aaprom Disabla_writas I_ad_in I_mala_ 
I_rala_ I_cala_ I_hlda_ I_last_ I_ba_ I_mrdy_ MB_data_in 
Bdac_an_ Ra»at_parity) 

* Disabla_aaprom"; ; 

lat Disabla_writasB ■ naw_racursiva_daf inition 
falsa 
mc_anv 

* Disabla_writasB # 

*Disabla_writ asB (MCBnv Rat Disabla_aaprom Disabla_writas I_ad_in I_mala_ 
I_rala_ I_cala_ I_hlda_ I_last_ I_ba_ I_mrdy_ MB_data_in 
Bdac_an_ Raaat_parity) 

* Disabla_writas*/ ; 

lat I_ad_inB * naw_racursiva_daf initlon 
falsa 
ac_any 
' I_ad_inB ' 

"I_ad_inB {MCBnv Rst Disabla_aaprom Disabia_writas I_ad_in I_mala_ 
I_rala_ I_cala_ I_hlda_ I_last_ I_ba_ I_mrdy_ MB_data_in 
Bdac_an_ Rasat_parity) 

» I_ad_in ,r ; ; 

l#t I_mala_B ■ naw_racursiva_daf initlon 
falsa 
mc_anv 
' l_»ala_B ' 

*l_mala_E (MCBnv Rst Disabla_aaprom Disabla_writas I_ad_in I_mala_ 
I_rala_ I_cala_ I_hlda_ I_last_ I_ba_ I_mrdy_ MB_data_in 
Bdac_an_ Rasat_parity) 

« I_mala_ w ; ; 

lat I_rala_B ■ naw_racursiva_daf initlon 
falsa 
mc_anv 
' I_rala_B ' 

*I_rala_B (MCBnv Rst Disabla_aaprom Disabla_writas I_ad_in I_mala_ 
I_rala_ I_cala_ I_hlda_ I_last_ X_ba_ I_mrdy_ MB_data_in 
Bdac_an_ Rasat ^parity) 

* I_rala_*j ? 

lat I_cala_B ■ naw_racursiva_daf initlon 
falsa 
mc_anv 
' I_cala__E ' 

"I_cala_B (MCBnv Rst Disabla_aaprom Disabla_writas I_ad_in I_mala_ 
I_rala_ I_cala_ I_hlda„ I_last_ I_ba_ I_rardy_ MB_data_in 
Bdac_an_ Rasat_parlty) 

* I_cala_ w ? / 

lat I_hlda_B * naw_racursiva_daf initlon 
falsa 
mc_anv 
' I_hlda_B ' 

"I_blda_B (MCBnv Rst Disabla_aaprom Disabla_writas I_ad_in I_mala_ 
I_rala_ I_cala_ I_hlda_ I_last_ I_ba_ I_mrdy_ MB_data_in 
Bdac_an_ Rasat_parity ) 

= I_hlda_"; ; 

lat I_last_B * naw_racursiva_daf initlon 
falsa 
mc_anv 
'IJtltJ' 

*I_last_B (MCBnv Rst Disabla_aaprom Disabla_writas I_ad_in I_mala_ 
I_rala_ I_cala_ I_hlda_ I_last_ I_ba_ I_mrdy_ MB_data_in 
Bdac_an_ Rasat_parity) 

* I_last_ w ; / 

lat I_ba_B « naw_racursiva_daf initlon 
falsa 
mc_anv 
' I_ba_B ' 
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"I_be_E (MCEnv Rat Diaabla_aaprom Diaabla_writaa I_ad_in I_mala_ 

I_rala_ I_cala_ I_hlda_ I_laat_ I_ba_ I_mrdy_ MB_data_in 
Bdac_an_ Raaat_parity) 

* I_ba_" ; ; 

lat I_mrdy_E * naw_racursiva_daf inition 
falaa 
mc_anv 
' I_mrdy_B ' 

"I_mrdy_E (MCEnv Rat Diaabla_aaprom Diaabla_writaa I_ad_in I_mala_ 

I_rala_ I_cala_ I_hlda_ I_laat_ I_ba_ I_mrdy_ MB_data_in 
Bdac_an_ Raaat_parity) 

* I_mrdy_ w ; ; 

lat MB_data_inE * naw_racuraiva_daf inition 
falaa 
mc_«nv 

'MB_data_inE ' 

"MB_data_inB (MCEnv Rat Disabla_aaprom Diaabla_writaa I_ad_in I_mala_ 
I_rala_ I_cala_ I_hlda_ I_laat_ I_ba_ I_mrdy_ MB_data_in 
Edac_an_ Raaat_parity) 

= MB__data_in" / ; 

lat Edac_an_E * naw_racuraiva_daf inition 
falaa 
mc_anv 
' Edac_an_B ' 

"Bdac_an_B (MCEnv Rat Diaabla_aaprom Diaabla_writaa I_ad_in I_mala_ 

I_rala_ I_cala_ I_hlda_ I_laat_ I_ba_ I_mrdy_ MB_data_in 
Edac_an_ Raaat_parity) 

* Bdac_an_' r / ; 

lat Raaat_parityB = naw_racruraiva_daf inition 
falaa 
mc_anv 

' Raaat_parityB ' 

"Raaat_parityB (MCEnv Rat Diaabla_aaprom Diaabla_writaa I_ad_in I_mala_ 
I_rala_ I_cala_ I_hlda_ I_laat_ I_ba_ I_mrdy_ MB_data_in 
Bdac_an_ Raaat_parity) 

* Raaat_parity"; ; 

lat Env_CASBS « 

prova_caaaa_thm (prova__induction_thm mc_anv) ; j 

lat Bnv_Salactora_Work ■ prova_thm 
( 'Bnv_Salactora_Work ' , 

" ! at mc_anv . 

a ■ (MCEnv (Rats a) (Diaabla_aapromB a) (Diaabla_writaaB a) ( I_ad_inE a) 
(I_mala_E a) (I_rala_B a) (I_cala_B a) (I_hlda_B a) (I_laat_B a) 
(I_ba_B a) ( I_mrdy_K a) (MB_data_inB a) 

(Bdac_an_B a) (Raaat_parityB a))*, 

OBN_TAC 

THEN STRUCT_CASBS_TAC (SPEC "tunc_anv" Bnv_CASBS) 

THEN REWRITB_TAC [RatB; Diaabla_aapromB; Diaabla_writaaB; I_ad_inE ; 

I_mala_B; I_rala_B/ I_cala_B/ I_hlda_B/ I_laat_B/ I_ba_E/ 
I_mrdy_B; MB_data_inB? Bdac_an_B/ Raaat_parityB] 

)n 


% 

Abatract data typa for tha output. 


■% 


lat mc_out * 

dafina__typa 'mc_out' 

'mc_out * MCOut buanibuan wirafwira wordn#wordn buan#buan 

booltbool bool# bool bool#bool bool# bool bool#bool ' / ; 

lat I_ad_outO * naw_racuraiva_daf inition 
falaa 
mc_out 
' I_ad_outO ' 

"I_ad_outO (MCOut I_ad_out I_ardy_ MB_addr MB_data_out MB_ca_aaprom__ 
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MB_c»_«ranu MB_wa_ MB_oa_ MB_parity) 


m I_ad_out ";/ 

lat l_srdy_0 - naw_racursiva_daf inition 
falsa 
mc_out 
' l_ardy_0 ' 

«I_»rdy_0 (MCOut I_ad_out I_srdy_ MB_addr MB_data_out MB_cs_aaprom_ 
MB_cs_sram_ MB_wa_ MB_oa_ MB_parity) 

■ I_srdy_" ; ; 

lat MB_addrO * naw_racursiva_daf inition 

falsa 

mc_out 
' MB_addrO ' 

* r MB_addrO (MCOut l_ad_out I_srdy_ MB_addr MB_data_out MB_c a _a aprons 
MB_cs_sram_ KB_w«_ MB_oa_ MB_parlty) 

■ MB_addr" ; ; 

lat MB_data_outO * naw_racursiva_daf inition 
falsa 
mc_out 

'MB_data_outO ' 

"MB_data_outO (MCOut I_ad_out I_srdy_ MB_addr MB_data_out MB_cs_aaprom_ 
MB_cs_sranv_ MB_wa_ MB_oa_ MB_parity) 

E MB_dat a_out " / ; 

lat MB_cs_aaprom_0 * naw_racursiva_daf inition 

falsa 

mc_out 

# MB_cs_aapront_0 ' 

w MB_cs_aapronuO (MCOut I_ad_out I_srdy_ MB_addr MB_data_out HB_cs_aaprom_ 
MB_cs_sranL_ KB_wa_ MB_oa_ MB_parity) 

■ MB_cs_aaprom_* / ; 

lat MB_cs_sraa_0 ■ naw_racursiva_daf inition 

falsa 

mc_out 

'MB_cs_sranL_0 ' 

,f MB_es_sram_0 (MCOut I_ad_out I_»rdy_ MB_addr MB_data_out MB_cs_aaprom_ 
MB_cs_sram_ MB_wa_ MB_oa_ MB_parity) 

« MB_cs_sram_" ; ; 

lat MB_wa_0 m naw_racursiva_daf inition 
falsa 

mc_out 
'MB_wa__0 ' 

v MB_wa_0 (MCOut I_ad_out I_*rdy_ MB_addr MB_data_out MB_cs_aaprom_ 
MB_cs_sram_ MB_wa_ MB_oa_ MB_parity) 

« MB_wa_" ; ; 

lat MB_oa_0 - naw_racursiva_daf inition 
falsa 

mc_out 
'MB_oa_0 ' 

"MB_oa_0 (MCOut I_ad_out I_»rdy_ MB.addr MB_data_out MB_c s_a apr om_ 
MB_cs_srait_ MB_wa_ MB_oa_ MB_parity) 

■ MB_oa_ w ; / 

lat MB__parityO - naw_racursiva_daf inition 
falsa 
mc_out 
'MB_parityO # 

"MB_parityO (MCOut I_ad_out I_srdy_ MB_addr MB_data_out MB_cs_aaprom_ 
MB_cs_sran^_ MB_wa_ MB_oa_ MB_parity) 

■ MB^parity* ; ; 
lat Out_CASES » 

prova_casas_thm (prova_induction_thm mc_out);; 

lat Out_8alactors_Wor)c * prova_thm 
( ' Out_Salactors_Work ' , 
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"1 p:mc_out . 

p ■ (MCOut (I_ad_outO p) (l_ardy_0 p) (MB_addrO p) (MB_data_outO p) 
(MB_cs_aaprom_0 p) (MB_cs_sram_0 p) (MB_wa_0 p) (MB_oa_0 p) 
(MB_parityO p) ) ", 

OBN_TAC 

THEN STRUCT_CASBS_TAC {SPEC "p :mc_out" Out_CASBS) 

THEN REWRI TB_TAC [I_ad_outO; l_srdy_0; MB_addrO; MB_data_outO; 

MB_cs_aaprom_0; MB_cs_aram_0 / MB_wa_0; MB_oa_0; 
MB_parityO] 

) ;; 


closa_thaory ( ) ; / 


V 


Fila: m_block.ml 

Author: (c) D.A. Fura 1992-93 

Data: 1 March 1993 

This fila contains tha ml sourca for tha gata-laval spacif ication of tha 
M-Port of tha FTBP PIU , an ASIC davalopad by tha Bmbaddad Procassing 
Laboratory, Boaing High Tachnology Cantar. 

% 

••t_saarch_path (aaarch_path( ) 0 [ ' /homa/alvia6/dfura/f tap/piu/hol/mport/ ' ? 

' /homa/alvis6/dfura/f tap/piu/hol/lib/ ' / 

9 /homa/alvis6/dfura/hol/ml/ ' ; 

4 /homa/alvis6/dfura/hol/Library/abs_thaory/ ' ? 

' /homa/alvis6/dfura/hol/Library/tools/ ' 

3 )/; 

aat_flag ( 'timing' , trua);/ 

systam ' rm mblock_daf . th' ; ; 

naw_thaory 'mbloc)c_daf ' ; ; 

loadf / abs_thaory ' ; ; 
loadf 'aux_daf s 4 ; ; 

map naw_parant ( 'maux_daf J / ' wordn_daf 4 j ' array_daf ' j ' lass_aq' J ; / 
map load_parant [ 'piuaux_daf ' j 'gatas_dafl ' / 'latchas_daf ' / *t fa_daf # ] I ; 

lat RBP_ty » abs_typa_inf o (thaoraa 'piuaux_daf * 'REP');; 

% 

SRAM/ EE PROM salaction logic. 

% 


lat SE_Logic_QATB - naw_daf inition 
( ' SB_Logic_OATE ' , 

* * ( i_ad : t ima - > wor dn#wor dn ) 

(mala mam_anabla cs_a_ ci_»_ : tima->bool#bool) 

(M_sa : t ima -> bool ) . 

SB_Logic_QATB i_ad mala mam_anabla M_sa cs_a_ cs_s_ * 

! t : t ima . 

<M_aa (t+1) « 

(BSal (mala t ) ) «> (ELEMENT (BSal(i_ad t)) (23)) I M_sa t) /\ 

( ca_a_ t - ( ( -ASal (mam_anabla t) \/ M_sa t) , 

( -BSal (mam_anabla t) \/ M_aa (t+1)))) /\ 

( cs_s_ t ■ { ( ~ASal (mam^anabla t) \/ -M_sa t), 

( -BSal (mam^anabla t) \/ ~M_sa (t+1)))) - 

);; 


% 

Read/writa salaction logic. 

% 
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lat WR_Logic_OATB * naw_daf inition 
( 'WR_Logi c_OATB ' , 

" 1 ( i_ad : t ima - > wordn#wor dn ) 

(mala manuanabla wr rd_mam wr_mam : tima->bool#bool) 

(M_wr » tlma->bool ) 

WR_Logic_OATE i_ad mala mam_anabla M_wr wr rd_mam wr_mam = 

! t:tlma . 

(M_wr (t+1) = 

(BSal (mala t) ) »> (ELEMENT (BSal(i_ad t) ) (27)) I M_wr t) /\ 

(wr t ■ (M_wr t, M_wr (t+1))) /\ 

( rd_mam t * ( (ASal (mam_anabla t) / \ -M_wr t) , 

(BSal (manuanabla t) /\ -M_wr (t+1)))) A 
(wr_mam t * ( (ASal (mam^anabla t) / \ M_wr t ) , 

(BSal (mam_anabla t) A M_wr (t+1))))" 


% 

Addraas countar logic. 


lat Addr_Ctr_OATB ■ naw_daf inition 
( ' Addr_Ctr_OATB ' , 

"l ( i_ad addr_out : t ima - >wor dntwordn ) 

(mala rdy : t ima- > bool ibool) 

(M_addr : t ima - >wordn ) 

Addr_C t r_OATB i_ad mala rdy M_addr addr_out ■ 

! tttima . 

( M_addr (t+1) * 

(BSal (mala t)) *> (SUBARRAY (BSal(i_ad t) ) (18,0)) I 

(BSal (rdy t)) *> (INCN 18 (M_addr t) ) I M_addr t) A 
( addr_out t * 

( ( (ASal (rdy t) ) «> (INCN 18 (H_addr t ) ) I M_addr t) , 

( (BSal (rdy t)) *> (INCN 18 (M_addr t)) t M_addr t)))" 


% 

Byta anabla logic . 


lat BB_Logic_OATB « naw_daf inition 
( ' BB_Logic_OATB ' , 

"1 ( i_ba_ ba_out j t ima -> wo r dntwordn) 

(mala ardy wr_mam ww bw j tima->bool#bool) 

(M_ba t tima->wordn) 

BB_Logic_QATE i_ba_ mala ardy wrjnam M_ba ba_out ww bw « 

1 t i tima . 

(M_ba (t+1) - 

(BSal (mala t) \i BSaKardy t)) 

«> (NOTN 3 (BSal(i_ba_ t ) ) ) I (M_ba t) ) A 
(ba_out t ■ (M_ba t, M_ba t) ) A 

(ww t = ( (ASal (wr_mam t) A (M_ba t * (WORDN 3 15))), 

(BSal(wr_mam t) A (M_ba (t+1) * (WORDN 3 15))))) A 
(bw t - ( (ASal (wr_mam t) A ~ (M_ba t ■ (WORDN 3 15))), 

(BSal ( wr_mam t) A - (M_ba (t+1) * (WORDN 3 15)))))" 

);; 


% - 

Input logic for M_rdy latch. 


lat Rdy_Logic_OATE * naw_daf inition 
( ' Rdy_ Log i c _OATB ' , 

"! (writa raad zaro.cnt wr_mam rdy : tima->bool#bool) . 

Rdy_Logic_OATE writa raad zaro_cnt wr_mam rdy * 

1 tttima . 

rdy t * (( (ASal (writa t) A ASal (zaro_cnt t) ) \/ 

(ASal (raad t) A ASal (zaro_cnt t) A -ASal(wr_mam t))), 
((BSal (writa t) A BSal ( zaro_cnt t)) \/ 

(BSal (raad t) A BSal (zaro_cnt t) A »BSal(wr_mam t)))) w 

);; 
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% 

Wait state countar logic. 

- % 


let Ctr_Logic_GATB * naw_daf inition 
( 'Ctr_Logic_GATE ' , 

"l (dn Id in zero_cnt : time->bool#bool) 

(M.count : t ima - > wordn ) 

Ctr_Logic_GATB in dn Id M.count zero.cnt » 

I t : t ima . 

(M_count (t + 1) * 

BSal { Id t) *> {BSal ( in t) => (WORDN 11) | (WORDN 1 2) 

BSal (dn t) => (DECN 1 (M_count t)) | (M.count t) ) /\ 

(zaro_cnt t » ( (M.count t - (ASal(dn t) *> (WORDN 1 1) | 

(M_count t * (BSal (dn t) => (WORDN 1 1) I 

) ;/ 


I 

(WORDN 1 0) ) ) , 
(WORDN 1 0)))))" 


% 

Memory control signal logic* 

% 


let Enable_Logic_QATE - new_def inition 
( 'Enable_Logic_OATE ' , 

"1 (cs_eeprom_ rd_mam address read write byte_write wwdal j time->bool#bool) 
(disabla_aaprom disable.writes oa_ edac_le we_ : time- > bool #bool ) 

(mb_wr_en_ : t ima -> bool# bool ) 

Enable_Logic_GATB cs_eaprom_ rd_mam address read write byta_writa wwdal 

disable_eeprom disabla_writas oe_ edac_la wa_ mb_wr_en_ * 

2 t : t ima . 

{ oa_ t * ( ( - ( (ASal (rd.mem t) A ASel (address t) ) \/ ASel(read t))), 

(- ( (BSal (rd__mem t) A BSal (address t ) ) \/ BSel(read t))))) A 
(wa_ t « ( ( - ( (ASal (es_aaprom L _ t) \/ -ASel (disable_eeprom t ) ) / \ 

-ASel (disable_writes t) /\ 

(ASel (byta_writa t) \/ ASal(write t) \/ ASel (wwdal t)))), 

( - ( (BSal (ca_aapronL t) \/ -BSal (diaable.eeprom t ) ) /\ 

-BSal (disable_writes t) /\ 

(BSal (byte.write t) \/ BSal (write t) \/ BSal (wwdal t ) ) ) ) ) ) /\ 
(adac_la t * (ASeHread t) , BSal (read t ) ) ) A 
(mb_wr_en_ t « (( -ASal (write t)), -BSal (write t)))" 

);; 


% 

Oenaration logic for I_srdy_. 

% 


let Srdy_Logic_GATB « naw.de f inition 
( ' Srdy_ Logic .GATE ' , 

" \ (wr rdy rdy.outQ srdy_ * tima->bool#bool ) 
Srdy_Logic_OATB wr rdy rdy.outQ srdy_ * 

2 t s t ima * 

srdy_ t * ( ( - ( (ASel (rdy.outQ t) A -ASal ( wr t) ) \/ 
(ASal (rdy t) A ASel(wr t)))), 

( - ( (BSal (rdy.outQ t) A -BSel(wr t)) \/ 
(BSal (rdy t) A BSel(wr t)))))" 

);; 


% - 

Memory decode logic . 

% 


let EDAC_Decode_Logic_GATB * new_def inition 
( ' EDAC_Decode_Logic_GATE 1 # 

" ! (rap t A RBP_ty) 

(mb.data.in data.out datact_out : time- > wordn #wordn) 

(edac.an : t ima - >bool#bool ) 

BDAC_Decoda_Logic_GATB rap mb_data_in edac.en data.out datact.out « 
! t : time . 


(data_out t = 

( ( ASel (edac.en t) 

( BSa 1 ( edac.en t ) 


*> (Ham.Dac rap (ASal (mb_data_in t ) ) ) 
i ASal (mb_data_in t ) ) , 

*> (Ham^Dac rap (BSal (mb.data.in t))) 
I BSal (mb_data_in t ) ) ) ) A 
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(datact_out t * 

( (ASal(adac_an t) *> (HanL_D«tl rap (ASal (mb_data_in t)}) 

| (WORDN 3 0) ) , 

( BSal ( adac_an t) *> (Ham^Datl rap (BSal (mb_data_in t))) 

[ (WORDN 3 0) ) ) ) w 

)/; 

% 

Memory raad latchas . 


lat Raad_Latcha»_OATB « naw_daf inition 
{ 'Raad_Latcha*_OATB # , 

"1 (rap: A RBP_ty) 

(data_inD datact_inD m_data_outQ i t ima - >wordn#wor dn ) 

(adac_an adac_la datact_inB nudatact_outQ : t ima- > bool ibool) 
(M_rd_data M_datact t tima->wordn) . 

Raad_Latchaa_OATB rap data_inD adac_an adac_la datact_inD datact_inB 
M_rd_data M_datact m_data_outQ «L_datact_outQ « 

1 t : t ima . 

(M_rd_data (t+1) * 

BSal ( adac_la t) »> (BSal (data_inD t ) ) I (M_rd__data t) ) /\ 

(M_datact (t+1) - 

BSal (datact_inB t) »> (BSal (datact_inD t)) I (M_datact t)) /\ 
(m^data.outQ t ■ (M_rd_data t, M_rd_data t ) ) /\ 

(m^datact^outQ t * 

( (Ham_Dat2 rap (M_datact t, ASal(adac_an t))), 

(Haa„Dat2 rap (M_datact (t+1), BSal(adac_an t)))))" 


% 

Snabla input logic for BDAC corraction raporting. 


lat Datact_Bnabla_Logic_OATB * naw_daf inition 
( ' Datact_Bnabla_Logic_GATE ' , 

"l (adac_an rd_mam datact_inB : tima->bool#bool) 
Datact_Knabla_Logic_aATB adac_an rd_mam datact_inB ■ 

1 titim* . 
datact_inB t * 

( ( (ASal (adac_an t) /\ ASal(rd_mam t)) \/ -ASal (rd_raam t)), 

( (BSal (adac_an t) /\ BSal (rd_mam t) ) \/ ~BSal (rd_mam t)))" 

)il 


% 

Mamory writa data multiplaxar . 


lat Mux_Out_Logic_OATB * naw_da f ini t ion 
( 'Mux_Out_Logic_OATE 1 , 

"l (m_data_outQ i_ad ba mb_data_out i t ima - >wordn#wor dn ) . 

Mux_Out_Logic_OATB m_data_outQ i_ad ba mb_data_out * 

I tit ima . 
lat odlA ■ 

(MALTXR 

ARBN 

(7,0) 

((BLBMBNT (ASal (ba t) ) (0)) 

*> (SUBARRAY (ASal(i_ad t)) (7,0)) 

| (SUBARRAY (ASal (n*_data_outQ t)) (7,0)))) in 

lat od2A « 

(MALTXR 

odlA 

(15,8) 

( (BLBMBNT (AStl(ba t) ) (1)) 

*> (SUBARRAY (ASal ( i_ad t ) ) (15,8)) 

t (SUBARRAY ( ASal (m_data_outQ t) ) (15,8)))) in 

lat od3A - 
(MALTBR 
od2A 
(23,16) 

( (BLBMBNT (ASal (ba t) ) (2)) 


70 


=> (SUBARRAY ( ASal ( i_ad t ) ) (23,16)) 

I (SUBARRAY < ASal (m_data_outQ t)) (23,16)))) in 

lat od4A = 

(MALTBR 

od3A 

(31,24) 

( (BLBMBNT (ASal (ba t)) (3)) 

=> (SUBARRAY ( ASal ( i_ad t ) ) (31,24)) 

I (SUBARRAY ( ASal (nudata_outQ t ) ) (31,24)))) in 

lat odlB = 

(MALTBR 

ARBN 

(7,0) 

( (ELEMENT (BSal(bat)) (0)) 

*> (SUBARRAY (BSal ( i_ad t ) ) (7,0)) 

I (SUBARRAY ( BSal (nudata_outQ t ) ) (7,0)))) in 

lat od2B = 

(MALTBR 

odlB 

(15,8) 

( (BLBMBNT (BSal(ba t)) (1)) 

«> (SUBARRAY (BSal ( i_ad t ) ) (15,8)) 

I (SUBARRAY (BSal (m_data_outQ t ) ) (15,8)))) in 

lat od3B » 

(MALTBR 

od2B 

(23,16) 

((BLBMBNT (BSal(ba t)) (2)) 

*> (SUBARRAY ( BSal ( i_ad t ) ) (23,16)) 

I (SUBARRAY ( BSal (m_dat a_outQ t)) (23,16)))) in 

lat od4B a 
(MALTBR 
od3B 
(31,24) 

((BLBMBNT (BSal (ba t)) (3)) 

»> (SUBARRAY (BSal(i_ad t)) (31,24)) 

| (SUBARRAY ( BSal (m_data_outQ t ) ) (31,24)))) in 

(mb_data_out t * (od4A, od4B) ) " 

) /; 


% 

Data ancoding logic . 

% 


lat Bnc_Out_Logic_OATB * naw_daf inition 
( ' Bnc_Out__Logic_OATE ' , 

*1 (rap : A RBP_ty) 

( mb_dat a_out mb_adata_out : t ima - >wordn#wordn ) 
Bnc_Out_Logic_QATB rap mb_data_out mb_adata_out * 
! trtima . 
mb_adat a_out t * 

( ( Ham_Knc rap (ASal (mb_data_out t) ) ) , 
(Ham^Knc rap (BSal (mb_data_out t))))" r 

) t / 


% 

Input logic for M_parity latch. 

- 

lat Mampar ity_In_Logic_QATB * naw_daf inition 
( ' Mampar ity_In_Logic_OATB ' , 

* ! (srdy mam_anabla datact_outQ rat raaat_parity : tiaa->bool#bool) 

( mampar it y_inS mampar ity_inR mampar it y_inB t t ima -> bool# boo 1 ) . 

Mamparity_In_Logic_QATB ardy mam_anabla datact_outQ rat raaat_parity 

mampar ity_inS mampar ity_inR mampar ity_inB a 

! tttima . 

(mampar it y_inS t ■ 

((ASal(ardy t) /\ ASal (mam_anabla t) /\ ASal (datact_outQ t)), 

(BSal (ardy t) /\ BSal (manuanabla t) /\ BSal (datact_outQ t ) ) ) ) /\ 

( mampar ity_inR t * 

( (ASal (raaat_parity t) \/ ASal (rat t)), 

(BSal (raaat_parity t) \/ BSal (rat t)))) /\ 
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<*> s 


(maraparity_inE t * 

( (ASal (mamparity_inS t) \/ ASal (mamparity_inR t)), 
(BSal (mamparity_inS t) \/ BSal (mamparity_inR t)))) w 


-Port controllar atata machina. 


lat FSM_OATB * naw_daf inition 
( ' FSM_GATB ' , 

"! (mala_in_ rd_in bw_in ww_in laat_in_ : tima->bool#bool) 

(mrdy_in_ zaro_cnt_in rat_in : tima- > bool# bool) 

(atata j tima->mf em_ty) 

(mala_ rd bw ww laat_ mrdy_ zaro_cnt rat : tima->bool) 

( addraa a_out raad_out writa_out : tima->bool#bool) 

( by t a_wr 1 1 a_ou t mam_anabla_out j tima->bool#bool) 

FSM_QATB mala_in_ rd_in bw_in ww_in laat_in_ mrdy_in_ zaro_cnt_in ratlin 
atata mala_ rd bw ww laat_ mrdy_ zaro_cnt rat 

addraaa_out raad_out writa_out byta_writa_out mam_anabla_out = 

1 t:tima. 

(atata (t+1) * 

(rat t) *> MI I 

(atata t = MI) ■> { { ~mala_ t) *> MA I MI) I 
(atata t * MA) *> 

(((-mrdy_ t) /\ ww t) *> MW I 

{ ( -mrdy_ t) /\ (rd t \/ bw t) ) => MR I MA) j 

(atata t * MR) ■> 

( (bw t /\ zaro_cnt t) *> MBW I 
(laat_ t /\ rd t /\ zaro_cnt t) *> MA I 

( ( ~laat_ t) /\ rd t /\ zaro_cnt t) *> MRR I MR) I 

(atata t - MRR) -> MI | 

(atata t * MW) *> 

({zaro_cnt t /\ ~laat_ t) *> MI I 
( zaro_cnt t /\ laat_ t) *> MA | MW) ( MW) /\ 

(mala_ (t+1) - BSal (mala_in_ t)) /\ 

(rd (t+1) ■ BSal (rd__ln t)) /\ 

(bw (t+1) « BSal (bw_in t)) /\ 

(ww (t+1) * BSal(ww_in t) ) /\ 

( laat_ (t+1) - BSal ( laat_in_ t)) /\ 

(mrdy_ (t+1) * BSal (mrdy„in_ t)) /\ 

(zaro_cnt (t+1) ■ BSal (zaro_cnt_in t)) /\ 

(rat (t+1) * BSal (rat_in t)) A 

(addraaa_out t - ((atata (t+1) « MA) , (atata (t+1) - MA) ) ) /\ 

( raad_out t * ((atata (t+1) * MR), (atata (t+1) -MR))) A 
(wrlta_out t - ((atata (t+1) * MW), (atata (t+1) - MW))) A 
(byta_writa_out t * { (atata (t+1) ® MBW) , (atata (t+1) — MBW)) ) A 
( mam^anabla out t * ( ( - ( atata ( t +1 ) — MI ) ) # ( * ( atata ( t +1 ) * MI ) ) ) ) 


% 

M-Port Block. 


lat MBlock_OATB - naw_daf inition 
( ' MBlock_GATB ' , 

"! (rap i A RBP_ty) (a t tima->mc_stata) (a 1 1 ima - >mc_anv ) (p : t ima - >mc_out ) . 

MBlock_GATB rap a a p * 

? (mala mam^anabla wr rd_mam wr_mam rdy_outQ ardy ww bw : tima->bool#bool) 
(addraaa raad writa byta_writa zaro_cnt rdy : tiaa->bool#bool) 

( count_inDN count_ini*D wwdal_inD wwdal_outQ adac_la : tima->bool#bool) 
(mb_wr_an_ rdy_outQ ardy_ adac_an datact_inS : tima->bool#bool ) 
(manparity_inS mamparity_inR mamparity_inB j t ima - >bool#bool ) 
(m_datact_outQ : tima- >bool# bool) 

(ba data_out datact_out mb_data_out mb_adata_out s tima->wordn#wordn) 
(m_data_outQ t tima->wordn#wordn) . 

(NOT_GATB (aig I_mala_B a) mala) /\ 

(SB_Logic_GATB (aig I_ad_inB a) mala mam_«n*bl« M_aaS a) 

(aig MB_ca_aaprom_0 p) (aig MB_ca_aranL.O p) ) A 

(WR_Logic_GATB (aig I_ad_inB a) mala mam^anabla (aig M_wrS a) wr 
rd_mam wr_xnam) /\ 
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(Addr_Ctr_OATB (sig I_ad_lnE •} mala rdy_outQ {sig M_addrS a) 

( a ig MB_addrO p ) ) / \ 

(BB_Logic_OATE (aig I_ba_B a) mala ardy wr_mam (aig M_baS a) ba ww bw) /\ 
( Rdy_Log ic_GATB writa raad zaro_cnt wr_mam rdy) /\ 

(Ctr_Logic_GATB (aig MB_cs_aaprom_0 p) count_inDN count_inLD 
(aig M_countS a) zaro_cnt) /\ 

(OR2_OATB writa raad count _inDN) / \ 

( OR2_OATB addraaa byta_writa count_inLD) i \ 

(AND2_0ATE ww addraaa wwdal_inD) / \ 

(DLatB_<3ATB wwdal_inD (aig M_wwdalS a) wwdal_outQ) A 
(Enabla_Logic_OATB (aig MB_ca_aapronuO p) rd_mam addraaa raOd writa 
byta_writ a wwdal_outQ (aig Diaabla_aapromB a) 

(aig Diaabla_writaaE a) (aig MB_oa_0 p) adac_la 
(aig MB_wa_0 p) mb_wr_an_) /\ 

(DFFA_OATB rdy (aig M_rdyS a) rdy_outQ) A 
(Srdy_Logic_OATB wr rdy rdy_outQ ardy_) A 
(TRIBUF_OATB ardy_ mam_anabla (aig l_ardy_0 p) ) / \ 

( NOT_QATB ardy_ ardy} A 

(NOT_QATB (aig Bdac_an_B a) adac.an) /\ 

(BDAC_Dacoda_Logic_OATB rap (aig MB_data_inB a) adac__an data_out 

datact_out) /\ 

( Raad_Latchas_GATE rap data_out adac_an adac_la datact_out datact_inS 
(aig M_rd_dataS a) (aig M_datactS a) m_data_outQ 
m^datact_outQ) /\ 

( TRIBUFn_GATB m_data_outQ rd_mam (aig I_ad_outO p) ) /\ 
(Datact_Bnabla_Logic_OATB adac_an rd_mam datact_inB) /\ 
(Wux_Out_Logic_OATB m_data_outQ (aig I_ad_inB a) ba mb_data_out ) / \ 

( Bnc_Out_Logi c^OATB rap mb_data_out mb_adata_out ) /\ 

( TRINBUFn_OATK mb_adata_out mb_wr_an_ (aig MB_da t a_ou t O p) ) / \ 
(Hamparity_In_Logic_OATB ardy mam_anabla m_datact_outQ (aig RatB a) 

(aig Raaat_parityE a) mamparity_inS 
mamparity_inR mampar ity_inB ) /\ 

( DSRBLatB_OATB OND mampar ity_inS mampar ity_inR mampar ity_inK 
(aig H_parityS a) (aig MB^parityO p) ) /\ 

(FSM_GATB (aig I_mala_B a) rd_mam bw ww (aig I_laat_B a) (aig I_mrdy_B a) 
zaro_cnt (aig RatB a) (aig M_fsm_stataS a) (aig M_f aitL_mala_S a) 
(aig M_fsm_rdS a) (aig M_fam_bwS a) (aig M_f am_wwS a) 

(aig M_f ai^_last_S a) (aig M_f am_mrdy_S a) 

(aig M_f sm_zaro_cntS a) (aig M_fsm_r*tS a) addraaa raad writa 
byta_writa mam_anabla) * 


lat MBlock_RXP * aava_thm 
( 'MBlock_BXP ' , 

( BBTA_RULB 

( RBWRITB_RULB [ SB _ Log ic_OATB ; WR_Logic_OATB ; Addr_Ctr_OATE ; BB_Log i c_OATB / 
Rdy_Logic_OATB ; Ct r_Logic_OATB ; Knabla_Logic_<3ATB ; 
Srdy_Logic_OATB ? BDAC_Dacoda_Logic_QATB ; Raad_Latchaa_QATE / 
Datact_Bnabla_Logic_GATB ; ( BXPAMD_LBT_RULB Hux_Out_Logic_OATK ) ; 
Enc_Out_Logic_QATB / Mampar ity_In_Logic_QATB ; FSM_OATB ; NOT_OATB ; 
OR2_GATB ; AND2_OATB / TRIBUF_GATE ; TRIBUFn_OATB ; TRINBUFn_OATB ; 
DLatB_OATE ; DSRBLatB.OATB ; DPPA_OATB ; ASal ; BSal ; OND ; a ig] 

( SPBC_ALL MBlock_OATB) ) ) 

);; 


cloaa_thaory ( ) ; ; 


% 


Pila: mclock_daf.ini 

Author* (c) D.A. Pura 1992-93 

Data: 1 March 1993 

Thia fila containa tha ml aourca for tha clock- laval apacif ication of tha PIU 
M-Port , an ASIC davalopad by tha Bmbaddad Procaaaing Laboratory, Boaing High 
Tachnology Cantar. Tha bulk of thia coda was tr ana lat ad from an M-languaga 
simulation program using a translator writtan by P.J. Windlay at tha 
Univarsity of Idaho. 
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% 


aat_aaarch_path (aaarch_path ( } fr [ ' /homa/alvia6/dfura/f tap/piu/hol/lib/ * ; 

' /homa/alvia6/dfura/ftap/piu/hol/nii>ort/ ' ; 

' / homa / alvi a 6 / dfura / hoi / Library / aba_t haory / ' ; 
' /homa/alviafi/dfura/hol/Library/toola/ ' ; 

• /homa /alvi a 6 /dfura /hoi /ml / * 

]);; 


ay a taro 'rm mcloc)t_daf . th' ; / 

naw_thaory 4 me lock_da f ' ; / 

loadf ' aba_thaory ' ; / 
loadf ' aux_daf a # ; ; 

map naw_parant [ 'array_daf * ; 'wordn_daC ' ; ' laaa_aq' ] / ; 
map load_parant 1 'piuaux_daf # ; 'aaux_daf 7 1 j ; 

new_typa_abbrav ( ' t imaC ' , "t num" ) ; ; 

lat RBP_ty * aba_typa_info (thaoram 'piuaux_daf ' 'RBP')/> 

% 

Naxt-atata dafinition Cor M-Port inatruction. 


lat MC_NSF « naw_daf inition 
( 'MC_NSF ' , 

(rap : A REP_ty) (a :mc_atata) (a imc_anv) . 

MC_NSF rap a a * 

lat M_f anuatata * M_fam^atataS a and 
M_fam_mala_ - M_f am_jnala_S a and 
M_fam_rd - M„f am„rdS a and 
M_famj3w « M_f am_bwS a and 
M_fam_ww * H_f anuwwS a and 
M_fam_l*»t_ * M_fam_laat_S a and 
H_f am_mrdy_ ■ M_fam_mrdy_S a and 
M_f am_*«ro_cnt « M_f am_zaro_cntS a and 
H_f»m_rat « M_fam_ratS a and 
M_aa ■ M_aaS a and 
M_wr * M_wrS a and 
M_addr * M.addrS a and 
M_ba » M_baS a and 
M_count ■ M_countS a and 
M_rdy * M_rdyS a and 
M_wwdal - M_wwdalfl a and 
M_parity « M_parityS a and 
M_rd_data * M_rd_dataS a and 
M_datact - H_datactS a in 
lat Rat * RatB a and 

Diaabla_aaprom * Diaabla_aapromB a and 
Diaabla_writaa » Diaabla_writaaB a and 
I_ad_in - I_ad_inB a and 
I_mala_ * I_mal a_B a and 
I_laat_ * I_laat_B a and 
I_ba_ * I_ba_B a and 
I_mrdy_ = I_mrdy_B a and 
MB_data_in « MB_data_inB a and 
Bdac_an_ * Bdac_an_B a and 
Raaat_parity * Raaat_parityB a in 
lat naw_M_Cam_atata « 

( (M_£am^rat) ■> MI I 

(M_f am_atata = MI) *> ( < -M_f em_mala_) => MR I MI) I 
(M_f anuatata • MR) *> 

( ( { ~M_f am_mrdy_) /\ M_f am_ww ) ■> MW I 
( ( -M_f am_mrdy_) /\ (M_f am_rd \/ M_f amjaw) ) -> MR I MR) I 
(M_f am_at ata ■ MR) -> 

( (M_f am_bw /\ M_fanL_*aro_cnt ) *> MBW I 
(M_fam^laat_ A M_fam_rd /\ M_f am_zaro_cnt ) -> MR | 

( (~M_fam_laat_) /\ M_fam_rd A M_f anuzaro_cnt) »> MRR I MR) I 
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(M_f am_atata * MRR) *> MI I 
(M_fam_stata = MW) *> 

( (M_f am_zaro_cnt /\ -M_f am_laat_) *> MI | 

(M_fanu 2 «ro_cnt /\ M_f an*_laat_) => MX | MW) | MW) in 
lat addraaa * (naw_M_f am_atata * MX) in 
lat ra ad « (naw_M_f s®_atata * MR) in 
lat writa * (naw_M_f am_atata = MW) in 
lat byta_writa ■ (naw_M_f am_»tata * MBW) in 
lat mam_anabla ■ (- (naw_M_f am_atata * MI)) in 

lat zaro_cnt * (M_count * ((writa \/ raad ) *> (WORDN 1 1) I (WORDN 10))) 
in 

lat naw_M_ia * 

( (-BSal (I_mala_) ) *> (ELEMENT (BSal ( I_ad_in) ) (23)) I M_sa) in 

lat naw_M_wr * 

{ (-BSal(I_mala_) ) -> (ELEMENT (BSal ( I_ad_in) ) (27)) I M_wr) in 

lat naw_M_addr = 

( (-BSal(I_mala_) ) -> (SUBARRAY ( BSal { I_ad_in) ) (18,0)) I 

(M_rdy) ■> (INCN 18 M_addr) | M_addr) in 
lat rd_mam ■ ( (mam_anabla /\ ~M_vrr) , 

(mam_anabla / \ -naw_M_wr) ) in 
lat wr_mam ■ ( (mam_anabla /\ M_wr) , 

(mam_anabla /\ naw_M_wr) ) in 
lat rdy * (((writa /\ zaro.cnt) \/ 

(raad /\ zaro_cnt /\ -ASal ( wr_mam) ) ) , 

((writa /\ zaro_cnt) \/ 

(raad /\ zaro_cnt /\ -BSal ( wr_mam) ) ) ) in 

lat ardy_ * 

( ( - ( (M_rdy /\ -M_wr) \/ (ASal(rdy) /\ M_wr) ) ) , 

(-({M_rdy /\ -naw_M_wr) \/ (BSal (rdy) /\ naw_M_wr) ) ) ) in 
lat naw_M_ba * 

( (-BSal (I_mala_) \/ -BSal ( ardy_J ) => (NOTN 3 (BSal ( I_ba_) ) ) | M_ba) in 

lat naw_M_ count * 

( (addraaa \/ byta_writa) *> 

( ( -mam_anabla \/ naw_M_aa) *> (WORDN 1 1) I (WORDN 12)) I 
(writa \/ raad) *> (DKCN 1 M_count) I M_count) in 
lat naw_M_rdy ■ (BSal(rdy)) in 

lat bw = ( (ASal (wr_mam) /\ -(M_ba * (WORDN 3 15))), 

(BSal (wr_mam) /\ -(naw_M_ba * (WORDN 3 15)))) in 
lat ww * ( (ASal (wr_mam) /\ (M_ba « (WORDN 3 15))), 

(BSal (wr_mam) /\ (naw_M_ba * (WORDN 3 15)))) in 
lat naw_M_wwdal * (BSal(ww) /\ addraaa) in 
lat naw_M_rd_data = 

(raad ■> ( ( -BSal (Bdac_an_) ) => (Bam_Dac rap (BSal (MB_data_in) ) ) 

I BSal (MB_data_in) ) 

I M_rd_data) in 
lat naw_M_datact * 

( ( ( -BSal (Bdac_an_) /\ BSal (rd_mam) ) \/ -BSal (rd_mam) ) 

■ > ( (-BSal (Bdac_an_) ) *> (Ham_Datl rap (BSal (MB_data_in) ) ) 

I (WORDN 30)) 

I M_datact) in 
lat parityS * 

(-BSal (ardy_) /\ mam_anabla 

/\ Ham_Dat2 rap (naw_M_datact , -BSal (Edac_an_) ) ) in 
lat parityR ■ (BSal (Raaat_parity) \/ BSal (Rat)) in 
lat naw_H_parity * 

( (parityS \/ parityR) 

=> ((parityS /\ -parityR) *> T I 
(-parityS /\ parityR) *> P I 
(-parityS /\ -parityR) *> F | ARB) 

I M_parity) in 

lat naw_M_ fa m^mal a_ ■ (BSal { I_mala_) ) in 
lat naw_M_fam_rd » (BSal (rd_mam) ) in 

lat naw_M_£am^bw * (BSal(bw)) in 

lat naw_M_fam_ww * (BSal(ww)) in 

lat naw_M_£am L _laat_ = (BSal ( I_laat_) } in 
lat naw_M_f am L _mrdy_ • (BSal ( I_mrdy_) } in 
lat naw_M_£am_zaro_cnt « iaro_cnt in 
lat naw_M_f an*_rat » (BSal (Rat)) in 

(MCStata naw_M_f am_atata naw_M_f am_mala_ naw_M_fam_rd naw_M_f am__bw 

naw_M_£am_ww naw_M_f am L _laat_ naw_M_f am_mrdy_ naw_M_f am_zaro_cnt 
naw_M_f am_r at naw_M_aa naw_M_wr naw_M_addr naw_M_ba naw_M_ count 
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naw_M_rdy naw_M_wwdal naw_M_parity naw_M_rd_data naw_M_datact ) " 

) ; ; 

lat MC_NSF_RBW = aava_thm 
( ' MC_NSF__RBW ' , 

(RBWRITE_RULB [ASal/BSal] MC_NSF) 

);; 


% 

Output dafinition for M-Port instruction. 


lat MC_OF * naw_daf inition 
( ' MC_OF ' f 

" j (rap : A RBP_ty) (• tmc.stata) (a ;mc_anv) 

MC_OF rap a a * 

lat M_f*nL.*tata = M_fam_atataS a and 
M_f *m_mala_ = M_fam_mala_S ■ and 
M_f am_rd « M_f »m_rdS a and 
M_f*m_bw * M_fara_bwS • and 
M_f im_ww * M_f am_wwS a and 
H_fam_laat_ * M_f am_laat_S a and 
M_f am_mrdy_ * M_f »n\_mrdy_S a and 
M_f in_ 2 aro_cnt = M„f am_zaro_cntS a and 
M_fam_rat * M_fam_ratS a and 
M_aa « M_aaS a and 
M_wr * M_wrS a and 
M_addr * M_addrS a and 
M_ba * M_baS a and 
M_ count ■ M_ counts a and 
H_rdy ■ M_rdyS a and 
M_wwdal = M_wwdalS a and 
M _parity * M_paritys a and 
M_rd_data ■ M_rd_dataS a and 
M_datact - K_da tacts a in 
lat Rat * RatB a and 

Disabla_aaprom ■ Diaabla_aapromB a and 
Diaabla_writaa ■ Diaabla_writaaB a and 
I_ad_in * I_ad_inB a and 
I_mala_ * I_mala_B a and 
I_laat_ - I_laat_B a and 
I_ba_ * I_ba_K a and 
I_mrdy_ = I_mrdy_B a and 
MB_data_in ■ MB_data_inB a and 
Bdac_an_ ■ Bdac_an_B a and 
Raaat_parity * Raaat_parityB a in 
lat naw_M_f anu*tata * 

((M_fanur»t) -> MI I 

(M_fam_atata * MI) *> ( (-M_f am_mala_) => MA l MI) I 
(M_fam_atata ■ MA) *> 

( ( ( ~M_f am_mrdy_ ) /\ M_fam_ww) *> MW I 

( (~M_f am_mrdy_) /\ (M_fam_rd \/ M_f an*_bw) ) *> MR I MA) I 
( M_f ibl> t at a * MR) => 

( (M_f am_bw /\ M_f*nL.*«ro_cnt) -> MBW | 

(M_fsiO.**t_ /\ M.fanurd /\ M_f am^zaro.cnt ) => MA I 
{ (-M_fam_l*»t_) /\ M_fam_rd /\ M_fanu*« ro_cnt) *> MRR I MR) | 

(M_f am^atata * MRR) *> MI I 
(M_f anv_»tata - MW) *> 

( (M_f anv_zaro_cnt /\ ~M_f am_laat_J *> MI I 
(M_f aia_*aro_cnt /\ M_f anv_laat_) «> MA I MW) I MW) in 
lat addraaa ■ (naw_M_f am_atata * MA) in 
lat raad * (naw_M_f am^*tata * MR) in 
lat writa ■ (naw_M_f am_atata * MW) in 
lat byta_wr ita * (naw_M_f am_*tata - MBW) in 
lat manv_a^<d>i* * ( - (naw_M_f am^atata * MI) ) in 

lat zaro_cnt * (M_count * ((writa \/ raad ) *> (WORDN 1 1) I (WORDN 10))) 
in 

lat naw_M_sa * 

( (~BSal(I_mala_) ) -> (BLKMBNT (BSal { I_ad_in) ) (23)) | M_aa) in 

lat naw_M_wr - 

( (~BSal(I_mala_) ) ■> (BLKMBNT (BSal { I_ad_in) ) (27)) l M_wr) in 

lat naw_M_addr * 
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( (-BSel (I_male_) ) «> (SUBARRAY (BSel < I_ad_in) ) (18,0)) I 

(M_rdy) «> (INCN 18 M_addr) | M_addr) in 
let rd_mem = ( (mem_enable /\ -M_wr) , 

(mem_enable / \ -n*w_M_wr ) ) in 
let wr_mem = ( (mem_ enable /\ M_wr) , 

(mem_enable / \ new_M_wr) ) in 
let rdy * (((write /\ zero_cnt) \/ 

(read /\ zero_cnt /\ -ASel ( wr_m*m) ) > , 

((write /\ zero_cnt) \/ 

(read /\ zero_cnt /\ -BSel ( wr_mem) ) ) ) in 

let erdy_ * 

((-((M_rdy /\ -M_wr ) \/ (ASel(rdy) /\ M_wr) ) ) , 

(~((M_rdy /\ -new_M_wr ) \/ (BSel (rdy) /\ new_H_wr) ) ) ) in 

let new_M_be = 

( (-BSel(I_male_) \/ -BSel ( ardy_) ) => (NOTN 3 (BSel ( I_be_) ) ) | M_be) in 

let new_M_ count = 

( (address \/ byte_write) => 

( (-mem_«nable \/ new_H_se) -> (WORDN 11) I (WORDN 12)) I 
(write \/ read) «> (DBCN 1 M_count) I M_count) in 
let new_M_rdy * (BSel (rdy)) in 

let bw * ( (ASel <wr_me») i \ - (M_be = (WORDN 3 15))), 

(BSel (wr_mem) /\ -(new_M_be = (WORDN 3 15)))) in 
let ww m ( (ASel (wr_mem) /\ (M_be * (WORDN 3 15))), 

(BSel (vr_mem) /\ <new_M_be * (WORDN 3 15)))) in 
let new_M_wwdel ■ (BSel(ww) /\ address) in 
let new_M_rd_data * 

(read *> ( ( -BSel (Bdac_en_) ) => (Hanv_Dec rep (BSel (MB_data_in) ) ) 

| BSel (MB_data_in) ) 

| M_rd_data) in 
let new_M_detect = 

( ( (-BSel (Hdac_en_) /\ BSel ( rd_mem) ) \/ -BSel (rd_mem) ) 

■> ( ( -BSel (Kdac_en_) ) *> (HauuDetl rep (BSel (MB_data_in) ) ) 

I (WORDN 3 0) ) 

I M_detect) in 
let p&rityS * 

(-BSel ( srdy__) /\ mem_en«ble 

/\ Ham_Det2 rep (new_M_detect , -BSel (Bdac_en_) ) ) in 
let parityR ■ (BSel (Reset_parity) \/ BSel(Rst)) in 
let new_M _parity ■ 

((parityS \/ parityR) 

«> ((parityS /\ -parityR) «> T 1 
(-parityS /\ parityR) *> P I 
(-parityS /\ -parityR) «> F I ARB) 

I M_parity) in 

let new_M_f sm_male_ * (BSel ( I_male_) ) in 
let new_M_£em_rd * (BSel (rd_mem) ) in 
let new_M_f sm_bw - (BSel(bw)) in 
let new_M_f ern^ww « (BSel(ww)) in 
let new_M_fsn^last_ * (BSel ( I_last_) ) in 
let new_M_£sm_mrdy_ * (BSel ( I_mrdy_) ) in 
let new_M_f sm_*ero_cnt ■ 2 ero_cnt in 
let new_M_f snurst * (BSel(Rst)) in 

let I_ad_out * ( ( ( ASel (rd_mem) ) *> BUSN M_rd_data | 0££n) , 

( (BSel (rd_mem) ) «> BUSN M_rd_data | Of fn) ) in 
let I_srdy_ * ( ( (mem_enable) ■> WIRE ( ASel ( ardy_) ) I Z) , 

( ( me m_ enable ) •> WIRE (BSel ( srdy_) ) I Z) ) in 

let MB_addr ■ 

( ( (M_rdy) *> (INCN 18 M_addr) [ M_addr) , 

( (M_rdy) *> (INCN 18 M_addr) I M_addr) ) in 
let odlA - 
(MALTBR 
ARBN 
(7,0) 

( (ELEMENT M_be (0) ) 

»> (SUBARRAY ( ASel ( I_ad_in) ) (7,0)) 

I (SUBARRAY M_rd_dat a (7,0)))) in 

let od2A = 

(MALTBR 

odlA 

(15,8) 

((ELEMENT M_be (1)) 

-> (SUBARRAY ( ASel ( I_ad_in) ) (15,8)) 
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I (SUBARRAY M_rd.dat a (15,8)))) in 

lat od3A * 

(MALTBR 

od2A 

(23,16) 

( (BLBMBNT M_ba (2) ) 

*> (SUBARRAY (ASal ( I_ad_in) ) (23,16)) 

| (SUBARRAY M_rd_dat a (23,16)))) in 

lat od4A * 

(MALTBR 

od3A 

(31,24) 

( {BLBMBNT M_ba (3) ) 

*> (SUBARRAY (ASal ( I_ad_in) ) (31,24)) 

| (SUBARRAY M_rd_data (31,24)))) in 

lat odlB * 

(MALTBR 

ARBN 

(7,0) 

( (BLBMBNT M_ba (0) ) 

«> (SUBARRAY (BSal ( I_ad_in) ) (7,0)) 

| (SUBARRAY M_rd_data (7,0)))) in 

lat od2B * 

(MALTBR 

odlB 

(15,8) 

( (BLBMBNT M_ba (1) ) 

«> (SUBARRAY {BSal ( I_ad_in) ) (15,8)) 

| (SUBARRAY M„rd_dat a (15,8)))) in 

lat od3B * 

(MALTBR 

od2B 

(23,16) 

( (BLKMBNT M_ba (2) ) 

-> (SUBARRAY (BSal ( I_ad_in) ) (23,16)) 

| (SUBARRAY M_rd_dat a (23,16)))) in 

lat od4B » 

(MALTBR 

od3B 

(31,24) 

( (BLBMBNT M_ba (3) ) 

«> (SUBARRAY (BSal ( I_ad_in) ) (31,24)) 

| (SUBARRAY M_rd_dat a (31,24)))) in 
lat MB_data_out ■ (((writa) ■> BUSN (Ham_Enc rap od4A) I Of fn) , 

((writa) -> BUSN (Ham_Enc rap od4B) I Offn)) in 
lat MB_ca_aaprom_ * ( ( -mam^anabla \/ M_sa), ( -maro_anabla \/ naw_M_aa) ) in 
lat MB_ca_aram_ ■ ( ( -manv_anabla \/ -M_aa), ( -mam_anabla \ / ~naw_M_aa) ) in 

lat MB_wa_ * 

( ( - ( (ASal (MB_c»_aaprom_) \/ -ASal (Diaabla__aaprom) ) /\ 

-ASal (Di»abla_writaa) /\ 

(byta_writa \/ writa \/ M_wwdal) ) ) , 

(- ( (BSal (MB_ca_aapranO \/ -BSal (Diaabla_aaprom) ) /\ 

-BSal (Diaabla_writaa) /\ 

(byta_writa \/ writa \/ naw_M_wwdal) ) ) } in 
lat MB_oa_ - ( ( - ( (ASal (rd_mam) /\ addraaa) \/ raad) ) , 

( - ( (BSal (rd_mam) /\ addraaa) \/ raad))) in 
lat MB_parity - (M_parity, naw_M_parity) in 

(MCOut I_ad_out I_ardy_ MB_addx MB_data_out MB_ca_aaprom_ MB_ca_aram_ 
MB_wa_ MB_oa_ MB_parity) " 

);; 

lat MC__OF_RBW * aava_thm 
( * MC_OF_RBW * , 

(RBNRITB_RULB [ASal; BSal] MC_OF) 

)/; 

lat MC_Bxac * naw_daf inition 
( 'MC_Bxac', 

" j (mci i MCI) (a i timaC ->mc_atata) (a : timaC- >mc_anv) (p : timaC - >mc_out ) 

(t : timaC) 

MC_Bxac mci a a p t * T" 
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) M 

let MC_PreC * new_def inition 
( 'MC_PreC', 

" ! (roci iMCI) (a : timeC->mc_atata) (• : timeC->mc_env) (p ; timeC->mc_out ) 

(t ;timeC) 

MC_PreC mci » • p t * T" 

)/; 

let MC_Poatc • new_def inition 
( 'MC_PoetC * t 

"! (rep : A REP_ty) (mci tMCI) (■ i t imeC- >mc_at ate) (e ; timeC->mc_env) 

(p i timeC->mc_out ) (t itimeC) . 

MC_Po»tC rep mci • e p t * 

(s (t + 1) « MC_NSP rep (s t) (e t)) /\ 

(p t * MC_OP rep (e t) (e t))" 

) ; ; 

let MC_Correct * new_def inition 
( 'MC_Correct * , 

"! (rep * A RBP_ty) (mci :MCI) (a : t imeC- >mc_at ate ) (e j timeC->mc_env) 

(p : t imeC - >mc_out ) (t :timeC) . 

MC_Correct rep mci 8 e p t * 

MC_Bxec mci e e p t /\ 

MC_PreC mci 8 e p t 
**> 

MC_PoatC rep mci 8 e p t* 

) ; ; 

let MCSet_Correct * new_def inition 
( 'MCSet_Correct ' , 

"! (rep * A RBP_ty) (8 : t imeC ->mc_at ate) (e : t imeC - >mc_env ) (p :timeC->mc_out) . 
MCSet_Correct rep 8 e p - t(mci:MCI) (tstimeC). MC_Correct rep mci a e p t* 

) ; ; 

let Next_State_THM « TAC_PR0OP 

(([]/ "MCSet_Correct rep a e p *=> (a (t+1) * MC_NSP rep (e t) (e t))"), 
EEWRITB_TAC [MCSet_Correc t / HC_Correct ; MC.Bxec ; MC_PreC ; MC_Poa tC ] 

THEN RBWRITB_TAC 

[ LBPT_ IMP _PORALL_C ONV 
*( !t. 

( 8 ( t + 1) * MC_NSF rep (8 t) (e t) ) /\ 

(p t * MC_OP rep (8 t) (e t))) «■> 

(8 (t+1) = MC_NSP rep (8 t) (e t))"3 
THEN BXISTS_TAC v t : timeC" 

THEN RBWRITB_TAC [ADD_CLAUSES ] 

THEN STRIP_TAC 
) / / 

let M_f am_*tate_ISO * eave_thm 
( *M_f 8m_8tate_IS0 ' , 

( DISCH_ALL 
(RBWRITB_RULB 

IBXPAND_LBT_RULB MC_NSF_RBW; M_f anuatateS) 

<SUBS_OCCS [( (2] ,0NDISCH (Next_State_THM) ) ] 

(RBPL <# M_f am_8tateS (b ((t itimeC) + 1))")))) 

) ; i 

let M_f am_male_ISO * aave_thm 
( 'M_f any_male_ISO ' , 

(DISCH_ALL 

(RBWRITE_RULB 

[EXPAND_LET_RULB MC_NSP_RBW/M_f animal e_Sl 
(SUBS_OCCS [ ( [2] f UNDISCH (Next_State_THM) ) ] 

(RBPL "M_f 8m_male_S ( a ((t:timeC) + 1))")))) 

);; 

let M_£aiiurd_ISO = save_thm 
( 'M_fatturd_ISO', 

(DISCH_ALL 

(RBWRITB_RULK 

[EXPAND_LBT_RULB MC_NSF_RBW; M_f snurdS] 
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);/ 


(SUBS_OCCS [ ( [2 3 t UNDISCH (Naxt_Stata_THM) ) ] 

(KBFL "M_f ■m_rdS (a ({tttimaC) + l)) w )))) 


lat M_f am_bw_ISO - aava_thni 
( ‘ M__f am_bw_ISO * , 

(DISCH_ALL 

(RBWRITB.RULB 

[ BXPAND_LBT_RULB MC_NSF_RBW ; M_f am_bwS ] 

(SUBS_OCCS [ { [2] , UNDISCH (Naxt_Stata_THM) ) ] 

(RBFL "M_f »m_bwS (a ((tttimaC) + 1) )")))) 

>;? 

lat M_f amjww_ISO * aava_thm 
( 1 M_£ am_ww_ISO ' , 

(DISCH_AI*L 

(REWRITH_RULK 

[ KXPAND_LET_RULB MC_NSF_RBW ; K_f anL_wwS 3 
(SUBS_OCCS [ { [23 , UNDISCH (Naxt_Stata_THM) ) ] 

(RBFL "M_f «m_wwS (a ((tttimaC) + 1) )*)))) 

);; 


lat M_fam_laat_ISO » aava_thm 
{ 'M_f •n t _la*t_ISO ' , 

(DXSCH_ALL 

(RBWRITB_RULB 

[ RXPAND_LBT_RULB MC_NSF_RBN;M_f anL_laat_S] 

( SUBS_OCCS [ ( [2 ] , UNDISCH (Naxt_Stata_THM) ) ] 

(RBFL *M_f am_laat_S (a ((tttimaC) + l})")))) 

)j ; 

lat M_famjnrdy_ISO * aava_thm 
( ' M_f anumrdy_ISO ' , 

(DISCH_XLL 
( RBWRITB_RULE 

[RXPAND_LBT_RULB MC_NSF_RBW / M_f am_mrdy__S ] 

(SUBS_OCCS [( [ 2 ] , UNDISCH (Naxt_Stata_THM) ) ] 

(RBFL am L _mrdy_S (a ((tttimaC) + 1))")))) 

) ; ; 

lat M_f anv_zaro_cnt_ISO = aava_thm 
( 'M_f am^xaro_cnt_ISO ' , 

(DISCH_ALL 

(RKWRITB.RULB 

[ KXPAND_LHT_RULB MC_NSF_RBW / H_f am_zaro_cntS ] 

( SUBS_OCCS [ ( [ 2 ] , UNDISCH (Naxt_Stata_THM) ) ] 

(RBFL "K_f •m l _zaro_cntS (a ((tttimaC) ♦ 1) )")))) 

) ; ; 


lat M_fam_*at_ISO ■ aava_tl am 
( ' axu^r a t_ISO ' , 

(DISCH.ALL 

(RBWRITB_RULK 

[BXPAND_LBT_RULB HC_NSF_RBW ; M_f am^ratS] 

(SUBS_OCCS [ ( [2] , UNDISCH < Naxt_Stata_THM) ) J 

(RBFL ''M.f am_ratS (a ((tttimaC) + 1))")))) 

) ; ; 


lat M_aa_ISO ■ aava_thm 
( 'M_sa_ISO' , 

(DISCH _ALL 
(RKWRITB_RULK 

[ BXPAND_LBT_RULB MC_NSF_RBW ; M_a a S ] 

(SUBS_OCCS [ ( [2] , UNDISCH (Naxt_Stata_THM) ) 3 

(RBFL "M_aaS (a ((tttimaC) + 1) )")))) 


) /; 


lat M_wr_ISO ■ aava_thm 
( 'M__wr_ISO ' , 

( DISCH JMaL 
(REWRITB.RULB 

[ BXP AND_LBT_RULB MC_NSF_RBW t M_wr S ] 
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(SUBS_OCCS [ ( [2] , UNDISCH (Naxt_State_THM) ) ] 

( RSFL "M_wrS (a ((trtimaC) + 1 ))"))) ) 


1st M_addr_ISO ■ »av«_thm 
( 'M_addr_ISO ' , 

(DISCH_ALL 

(REWRITB_RULE 

[ KXPAND_LBT_RULB MC_NSF_RBW/ M_addrS ] 

(SUBS.OCCS [ ( [2] , UNDISCH (Naxt_Stata_THM) ) ] 

( RSFL "M_addrS (a ((tttimaC) + 1) )")))) 

)/; 


let M_ba_ISO * aava_thm 
( 'M_b«_ISO ' , 

(DISCH_ALL 

(RKWRITB_RULB 

[BXPAND_LBT_RULB MC_NSF_REW; M_b*S ] 

<SUBS_OCCS t ( [2] , UNDISCH <Naxt_Stata_THM) ) ] 

(RSFL "M_baS (a <(t:timaC) +■ 1))")))) 

)/; 

Imt M_count_ISO * aava_thm 
( 'M_count_iso' , 

(DISCH_ALL 
( REWRITB_RULB 

[ RXPAND_LR T_RULS MC_NSF_REW ; M_COUnt S ] 

(SUBS_OCCS [ ( {2] , UNDISCH (Naxt_Stata_THH) ) ] 

(RSFL "M_countS (a ((tttimaC) + I))")))) 

);/ 

let M_rdy_ISO ■ save_thm 
( 'M_rdy_ISO ' , 

( DISCH_ALL 
( RKWRITB_RULB 

[SXPAND_LET_RULB MC_NSF_RKW ; M_rdyS ] 

(SUBS_OCCS [(123, UNDISCH (Next_State_THM) ) ] 

(RSFL *M„rdyS (a ((t:tim«C) + 1 ))"))) ) 

); ; 

let M_wwdel_ISO = aave_thm 
( ' M_wwde l_ISO * , 

(DISCH_ALL 
( RBWRITB_ROLB 

[ RXP AND_LST_RULS MC_NSF_RBWj M_wwdelS J 
(SUBS_OCCS [([23, UNDISCH (Next_State_THM) ) ] 

(RSFL "M_wwdelS (a ((t:tijneC) + 1))")))) 

);; 

let M_parity_ISO ■ eave_thm 
( 'M_parity_ISO ' , 

( DISCH_ALL 
(RKWRITB_RULB 

[EXP AND_LBT_RULE MC_NSF_RBW / M _parityS ] 

(SUBS_OCCS [ ( [2] , UNDISCH (Next_State_THM) } ] 

(RSFL "M_parityS (a ((titimeC) + 1) )")))) 

);/ 

let M_rd_data_ISO * aave_thm 
( 'M_rd_data_lS0' , 

(DISCH_ALL 

(RHWRITB_RULB 

[EXPAND_LET_RULS MC_NSF_RSW ; M_rd_dat aS ] 

(SUBS_OCCS [( [2] /UNDISCH (Next_State_THM) ) ) 

(RSFL *M_rd_dataS (a ((titimeC) + 1) )")))) 

); / 


let M_detect_ISO - eave_thm 
( 'M_detect_ISO * , 

(DISCH_ALL 

(RBWRITE_RULB 

[EXPAND_LST_RULE MC_NSF_RBW/M_detectS] 
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) } t 


(SUBS_OCCS [ ( [2] , UNDISCH (Naxt_Stata_THH) ) ] 

{RBFL "M_datactS (a ((tttimaC) + 1) )")))) 


lat Output_THH - TAC_PROOF 

(([], "MCSat_Corract rap • • p *■> (p t ■ MC_OF rap (at) (at))"), 
RBWRI TB_TAC tMCSat_Corract ;MC_Corract ;MC_Bxec ; MC_PraC/MC_PoatC] 
THEN RBWRX TB_TAC 

t LBFT_IMP_FORALL_CONV 
"(It. 

(a ( t + 1) * MC_NSF rap (a t) (a t) ) /\ 

(p t m MC_OF rap (a t) (a t)}) ■«> 

(p t * MC_OF rap (a t) (a t ) ) "3 
THEN EXISTS_TAC "t : tinaC" 

THEN RBWRITE_TAC [ ADD.CLAUSBS ) 

THEN STRIP_TAC 

) ;; 

let I_ad_out_ISO - aava_thm 
( ' I_ad_out_ISO ' , 

(DISCH_ALL 
( REWRITE_RULB 

[BXPAND_LET_RULB MC_OF_REW; I_ad_outO] 

( SUBS_OCCS [ ( 12] / UNDISCH (Output_THM) ) ] 

(REFL -I_ad_outO (p (t itimaC ) ) ") ) ) ) 

);; 


lat I_ardy_ISO * aava_thm 
( 'I_ardy_ISO' , 

(DISCH_ALL 

(REWRITE_RULB 

[ EXPAND_LBT_RULE MC_OF_REW; l_ardy_0] 
(SUBS_OCCS [ ( [2] 0 UNDISCH ( Output _THM) ) ] 

(REFL "l_ardy_0 (p ( t t timaC) ) " ) ) ) ) 




lat HB_addr_ISO * aava_thm 
( ' MB_addr_ISO ' , 

(DISCH_ALL 
( RBWRITE_RULE 

[ EXPAND_LBT_RULE HC_OF_REW ; HB_addrO ] 

( SUBS_OCCS [ ( 12) , UNDISCH (Output_THM) ) ] 

(REFL "MB_addrO (p ( t i tlmaC ))"))) ) 

);; 


lat MB_data_out_ISO * aava_th» 

( / MB_data_out_ISO ' , 

(DISCH_ALL 
( RBWRITB_RULB 

[SXPAND_LBT_RULB MC_OF_RHW; MB_data_OUt0] 

(SUBS_OCCS [( [2] , UNDISCH (Output_THM) ) ) 

(REFL J 'MB_data_outO (p <t itimaC) )")))) 

);; 

lat MB_ca_aapram^.ISO * aava_thm 
( 'MB_ca_aaprom^ISO ' , 

(DISCH_ALL 

(RKWRITB_RULB 

[BXPAND_LBT_RULB MC_OF_REW ; KB_ca_aaprom^O ] 

( SUBS_OCCS C ( (2 ] r UNDISCH (Output_THM) ) ] 

(RBFL *MB_ca_aaprom_0 (p (t itimaC) )"))) ) 

) /; 

lat MB_ca_aram_ISO - aava.thm 
( 'MB_ca_aram_ISO ' , 

(DISCH_ALL 
( RBWRX TE_RULB 

[EXPAND_LET_RULB MC_OF_RBW ; HB_c a_a r am_0 ] 

( SUBS_OCCS U [2] /UNDISCH ( Output _THM) } ] 

(REFL "HB_ca_aram_0 (p (t t timaC) ) ") ) ) ) 

);; 


82 


lat MB_wa_ISO « aave_thm 
( ' MB_wa_ISO ' , 

(DISCH_ALL 

(RFWRITB_RULB 

[ KXPAND_LKT_RULB MC_OF_RHW ; MB_wa_0 ] 

(SUBS_OCCS [ { [2] ,UNDISCH (Output_THM) ) 1 

(RKFL "MB_wa_0 (p (t itimaC) ) ") ) } ) 

);/ 

lat MB_oa_ISO ■ aava__thm 
( ' MB_oa_ISO ‘ / 

(DISCH.ALL 

(REWRITB_RULK 

[ RXPAND_LET_RULB MC_OF_RBW ; MB_oa_0 ] 

(SUBS_OCCS [ ( [2 ] , UNDISCH (Output_THM) ) ) 

(RJSFL "MB_oa_0 (p (t i timaC) ) -) ) ) ) 

);; 

lat MB_parity_ISO * aava_thm 
( 'MB_parity_IS0 ' , 

(DISCH_ALL 

(REWRITB_RULR 

[KXPAND_LRT_RULB MC_OF_REW;MB_parityO] 

( SUBS_OCCS [ ( [ 2 ] , UNDISCH ( Output_THM ) ) ] 

(RBFL "MBjparityO (p ( t : timaC) ) * ) ) ) ) 

)/> 

clo»a_thaory ( ) / ; 


3.4 R-Port Definitions 

This section contains the theories raux_def, rblockjdef, and rvlock_def, defining the R-Port design. 


File i 
Author s 
Data : 


raux_daf .ml 

(c) D.A. Fura 1992-93 

4 March 1993 


■% 


•at_aaarch_path (*aarch_path( ) ® [ ' /homa/alvia6/dfura/f tap/piu/hol/lib/ ' ; 

• /homa/alvia6/dfura/hol/ Library /tools/ ' 
])/; 


aat_flag ( 'timing' , trua);; 

ayatam 'rm raux_daf . th' / ; 

naw_thaory # raux_daf ' / ; 

map naw_parant [ 'buan_daf ' j ' inaq ' 3 / / 

naw_typa_abbrav ( ' tima ' , M : num" ) j ; 
naw_typa_abbrav ( ' wor dn ' , "x num- >boo 1 " ) ; ; 
naw_typa_abbrav ( ' buan ' , 14 1 num- >wira" ) / ; 

% - 

Abatract data typa for tha R-Port FSM atataa. 


% 


lat rf am_ty_Axiom * 

daflna_typa # rf am_ty_Axiom / 

' rf am_ty * RI I RA I RD'j; 
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% 

Abstract data typa for tha R-Port instruction. 


lat RCI * 

dafina_typa 'RCI' 

* RCI * RC_X ' ; ) 


% 

Abstract data typa for tha stata. 


■% 


lat r_stata * 

dafina_typa # r_stata' 

'x_state = RStata wordn wordn wordn wordn wordn r faulty bool bool 
bool bool bool bool bool bool bool bool bool 
bool bool wordn wordn bool bool bool wordn 
wordn bool wordn bool bool bool wordn wordn 
bool wordn bool bool bool wordn wordn bool 
wordn bool bool bool wordn wordn bool bool 
wordn wordn wordn bool wordn bool wordn bool 
wordn bool ' ? j 

lat R_etrOS * naw_racursiva_daf ini t ion 
falsa 
r_stata 
'R_ctrOS' 

"R_ctrOS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fam_*tata 

R_f am_ala_ R_f snL_mrdy_ R_f sm_last_ R_f sm_rst R_intO_dis 
R_int3_dis R_c01_cout_dal R_intl_an R__c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R^ctrO_ordan R_ctrl_in 
R_ctrl_nrux_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_sal 
R^ctr2_irdan R__ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_jmix_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R. gcr, rdan R_sr R_sr_rdan) 

■ R_ctrO" / ; 

lat R_ctrlS ■ naw_racursiva_daf inition 
falsa 
r_stata 
'R_ctrlS ' 

"R_ctrlS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsn*_»tata 

R_f am u _ala_ R_f sm^mrdy. R_fanL.last_ R_fanL.rat R_intO_dis 
R_int3_dis R_c 0 l_cout _da 1 R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_nmx_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2jmix_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_nrux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan R gcr R_gcr_rdan R_sr R_sr_rdan) 

m R_ctrl" / ; 

lat R_ctr2S ■ naw_racursiva_daf inition 
falsa 
r_stata 
'R_ctr2S' 

"R_ctr2S (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsau»tata 

R_f ®m_ala_ R_f sm_mrdy_ R_fsnul«t_ R_f sm_rst R_intO_dis 
R_int3_di§ R_c 0 l_cou t _da 1 R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy__dal_ R_rag_sal 
R_ctrO_in R_ctrO_oux_sal R_ctrO_irdan R^ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_sal 
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R_ctr2_irdaa R_ctr2_cry R_ctr2_aaw R_ctr2_out 
R_ctr2_ordaa R_ctr3_in R_ctr3_mux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_aaw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mas)c R_±cr R_icr_rdan R_ccr 
R_ccr_rdaa R_gcr R ocr rdaa R_sr R_sr_rdaa) 

= R_ctr2 ” ; ; 

lat R_ctr3S = naw_racursiva_daf iaitioa 
falsa 
r_stata 
'R_ctr3S * 

w R_ctr3S (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm_stata 

R_fsn*_ala_ R_fsm_mrdy_ R_fs«_last_ R__fsm_rst R_iatO_dis 
R_iat3_dis R_c01_cout_dal R_intl_aa R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_del_ R_rag_sal 
R_ctrO_in R_ctrO_mux_sal R_ctrO_irdaa R_ctrO_cry 
R_ctrO_aaw R_ctrO_out R_ctrO_ordaa R_ctrl_in 
R_ctrl_mux_sal R_ctrl_irdaa R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordaa R_ctr2_ia R_ctr2_inux_sal 
R_ctr2_irdaa R_ctr2_cry R_ctr2_aaw R_ctr2_out 
R_ctr2_ordaa R_ctr3_ia R_ctr3_mux_sal R_ctr3_irdaa 
R_ctr3_cry R_ctr3_aaw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdaa R_ccr 
R_ccr_rdaa R_gcr R gcr rdan R_sr R_sr_rdan) 

= R_ctr3"; ; 

lat R_busA_latchS = aaw_racursiva_dsf iaition 
falsa 
r_stata 

' R_busA_latchS ' 

"R_busA_latchS (RStata R_ctrO R_ctrl R_ctr2 R__ctr3 R_busA_latch R_fsm^stata 
R_f sm_ala_ R_f sm_mrdy_ R_f sn*_last_ R_fsm_rst R_intO_dis 
R_int3_dis R_c01_cout_dal R_iatl_an R_c23_cout_dal 
R_int2_an R_wr R_catlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_raux_sal R_ctrO_irdaa R_ctrO_cry 
R_ctrO_nav R_ctrO_out R_ctrO_ordaa R_ctrl_in 
R_ctrl_raux_sal R__ctrl_irdaa R_ctrl_cry R_ctrl_naw 
R_ctrl_cmt R_ctrl_ordan R_ctr2_ln R_ctr2_mux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdsn 
R_ctr3_cry R_ctr3_aaw R_ctr3_out R_ctr3_ordan 
R_icr_load R_lcr_old R_icr_mask R_lcr R_icr_rdaa R_ccr 
R_ccr_rdan R_gcr R gcr rdaa R_sr R_sr_rdaa) 

» R_busA_latch"; / 

lat R_fsm_stataS * aaw_racursiva_daf inition 
falsa 
r_stata 
'R_f sm_stataS ' 

"R_f sm_s tataS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsnL.*tata 
R_f siruala_ R_f snL_mrdy_ R_f sm_last_ R_f sm_rst R_iatO_dis 
R_int3_dis R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_aa R_wr R_catlatcb_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_sal R_ctrO_irdaa R_ctrO_cry 
R_ctrO_aaw R_ctrO_out R_ctrO_ordaa R_ctrl_in 
R_ctrl_nnix_sal R_ctrl_irdaa R_ctrl_cry R_ctrl_aaw 
R_ctrl_out R_ctrl_ordan R_ctr2_ia R_ctr2_imix_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_aaw R_ctr2_out 
R_ctr2_ordaa R_ctr3_la R_ctr3_mux_sal R_ctr3_irdaa 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdaa R_ccr 
R_ccr_rdaa R_gcr R_gcr_rdaa R_sr R_sr_rdan) 

= R_f sm_stata"/ ; 

lat R_fsm_als_S - naw_racursiva_daf inition 
falsa 
r_stata 
'R__f sm,_ala_S ' 

"R_f sm_ala_S (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsn^_stata 

R__f sm_ala_ R_fsn^_mrdy_ R_f sm^last_ R_f sm_rst R_intO_dis 
R_int3_dis R_c01_cout_dal R_iatl_an R_e23_cout_dal 
R_lnt2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
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R_ctrO_in R_ctrO_mux_aal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R__ctrl_jraix_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_imix_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_In R_ctr3_raux_aal R_ctr3__irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan R gcr R gcr rdan R_sr R_ar_rdan) 

* R_f am_ala_ w ; ; 

let R_ 1 0 m_mr dy_S = naw_racursiva_daf inition 
falsa 
r_stata 
' R_f an^_mrdy_S ' 

"R_f «m t _mrdy_S (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_bus*_latch K-f an^atata 
R_f em_ala_ R_f anL_mrdy_ R_f *m_laat_ R_fsm_rat R_intO_di* 
R_int3_dia R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_ardy_dal_ R_rag_aal 
R_ctrO_in R_ctrO_mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_*al R_ctrl_lrdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out ICctrl_ordan R w ctr2_in R_ctr2_raux_aal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R__ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_»ux_sal R__ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R^icr.old R_icr_masfc R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R__gcr_rdan R_ar R_ar_rdan) 

* R_f •m L _mrdy_ w ; ; 

lat R_£snL.last_S = naw_racuraiva_daf inition 
f alaa 
r_atata 
'R_f anv_lMt_S ' 

"R_fan*_la»t_S (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_bus*_latch R_faau»tata 
R_fam^ala_ R_f am_inrdy_ R_fsm_last_ R_fauL_rat R_intO_dis 
R__int3_dia K_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_ardy_dal_ R_rag_aal 
R_ctrO_in R_ctrO_mux_aal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R^ctrl_in 
R_ctrl_mux_aal R_ctrl_irdan R_ctrl_cry R^ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_jnux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_aal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_maslt R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R _gcr_rdan R_ar R_ar_rdan) 

* R_f •m_laat_" j ; 


lat R_fanuratS « naw_racuraiva_daf inition 
f alaa 
r_atata 
*R_f sm_rstS # 

"R_f a«_ratS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_bus*_latch R_fsxn_stata 

R_f am_ala_ R_f •m_mrdy_ R_f anul^at_ R_£am^rat R^intO^dis 
R_int3_dis R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_ardy_dal_ R__rag_aal 
R_ctrO_in R_ctrO_mux_aal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_aal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_xnux_aal 
R_ctr2_irdan R_ctr2_cry R„ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_aal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_lcr_load R_icr_old R_lcr_maak R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R_gcr_rdan R_ar R_ar_ rdan) 

* R_fanL_rat' r ; ; 

lat R_intO_diaS ■ na w_racmr a iva_daf inition 
falaa 
r_atata 
'R_intO_disS ' 
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"R_intO_disS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm_stata 

R__f sm_ala_ R_f ■m_mrdy_ R_f «m_las t_ R_f sm_rst R_intO_dis 
R_int3_dis R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_d«l R_»rdy__dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl__in 
R_ctrl_imix_sal R_ctrl_lrdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_raux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_aal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ord«n 
R_icr_load R_icr_old R_icr_mas)c R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R_gcr_rdan R_sr R_sr_rdan) 

= R_intO_dis" ; ; 

lat R_int3_disS = naw_racursiva_daf initlon 
falsa 
r_stata 
'R_int3_disS ' 

"R_int3_disS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm_stata 

R_fam_ala_ R_fsm_mrdy_ R_fsm_last_ R_f sm^rst R_intO_dis 
R_int3_dis R_c01_cout_dal R_lntl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_sal R_ctrO_lrdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R__ctr2_±n R_ctr2_nrux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_ln R_ctr3_imix_sal R_ctr3_irdan 
R_ctr3_cry R^ctr3__naw R__ctr3_out R_ctr3_ordan 
R_lcr_load R_icr_old R_icr_mask R__lcr R_lcr_rdan R_ccr 
R_ccr_rdan R_grcr R o cr rdan R_sr R_sr_rdan) 

* R_int3_dis" j ; 

lat R_c01_cout_dalS = naw_racursiva_daf inition 
falsa 
r_stata 

' R_c01_cout_dalS # 

"R_c01_cout_dalS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsin_atata 
R_f ■m_ala_ R_f ■m_mrdy_ R_f sm_last_ R_fsm_rst R_intO_dis 
R_int3_dis R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_sal R_ctrl_irdan. R_ctrl_cry R_ctrl_nsw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_jnux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_ln R_ctr3_mux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan R qcr R_qcr_rdan R_sr R_sr_rdan) 

s R_c01_cout_dal"; ; 

lat R_int l_anS = naw_racursiva_daf ini t ion 
falsa 
r_stata 
'R_intl_anS' 

"R_intl_anS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch. R_fsn*_stata 

R_f sm L _ala_ R_f sm u _mrdy„ R_f sm L _last_ R_f sm_r»t R_intO_di« 
R_int3_dls R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_lnt2_an R_vr R_cntlatch_dal R_srdy_dal_ R_raq_sal 
R_ctrO_±n R„ctrO_nnix_sal R_ctrO_lrdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_nmx_sal R_ctrl_irdaa R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_imix_sal 
R_ctr2_lrdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_nrux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordaa 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R qcr rdan R_sr R_ar_rdan) 

= R_intl_an w ; ; 
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l*t R_c23_cout_dalS * aaw_racursiva_daf iaitioa 
fall* 
r_atata 

'R_c23_cout_dalS ' 

"R_c23_cout_dalS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch 

R_fsnuala_ R_f •injnrdy_ R_fai0.ast_ R_fsnurat R_intO_dia 
R_int3_dla R_c01_cout_dal R_iatl_aa R_c23_cout_dal 
R_iat2_aa R_wr R_catlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_aal R_ctrO_irdan R_ctrO_cry 
R_ctrO_aaw R_ctrO_out R_ctrO_ordaa R_ctrl_ia 
R_ctrl_nwx_sal R_ctrl_irdaa R_ctrl_cry R_ct?l_aaw 
R_ctrl_out R_ctrl_ordaa R_ctr2_ia R_ctr2_juux_sal 
R_ctr2_irdaa R_ctr2_cry R_ctr2_aaw R_ctr2_out 
R_ctr2_ordaa R_ctr3_in R_ctr3_mux_aal R_ctr3_irdaa 
R_ctr3_cry R_ctr3_n»w R_ctr3_out R_ctr3_ordaa 
R_icr_load R_icr_old R_icr_jnaak R_icr R_icr_rdaa R_ccr 
R_ccr_rdaa R _gcr R_gcr_rdan R_ar R_sr_rdaa) 

* R_c23_cout_dal"/ ; 

l#t R_iat2_aaS » aaw_racursivs_daf iaitioa 
falsa 
r_stata 
'R_iat2_aaS' 

*'R_iat2_aaS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fam_«tata 

R_fsm_ala_ R_f am L _mrdy_ R_fam_i*»t_ R_fan^rat R_iatO_dia 
R_iat3_dis R_c01_cout_dal R_iatl_an R_c23_cout_dal 
R_iat2_aa R_wr R_catlatch_dal R_ardy_dal_ R_rag_sal 
R_etrO_ia R_ctrOjmux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_aaw R_ctrO_out R„ctrO_ordaa R_ctrl_ia 
R_ctrl_rmix_*al R_ctrl_lrdaa R_ctrl_cry R_ctrl_aaw 
R_ctrl_out R_ctrl_ordaa R_ctr2_ia R_ctr2_jttux_sal 
R_ctr2__irdaa R_ctr2_cry R_ctr2_aaw R_ctr2_out 
R_ctr2_ordaa R_ctr3_ia R_ctr3_mux_sal R_ctr3_irdaa 
R_ctr3_cry R_ctr3_aaw R_ct r3_cmt R_ctr3_ordaa 
R_icr_load R_icr_old R_icr_ma»k R_icr R_icr_rdaa R_ccr 
R_ccr_rdaa R_gcr R_gcr__rdaa R_ar R_sr_rdaa) 

« R_iat2_aa" ; i 

lat R_wrS * aaw_ra cura iva_daf iaitioa 
falsa 
r_stata 
'R_wrS ' 

*R_wrS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsn*_stata 

R_f sia_als — R_f anumrdy_ R_f a«L.laat_ R_fsm_rst R_i*tO_dia 
R_iat3_dia R_c01_cout_dsl R_iatl_aa R_c23_cout_dal 
R_int2_an R_wr R_cat latch_dal R_ardy_dal_ R_rsg_aal 
R_ctrO_ia R_ctrO _siux_sal R_ctrO_irdsn R_ctrO_cry 
R_ctrO_aaw R_ctrO_out R_ctrO_ordaa R_ctrl_in 
R_ctrl_aiux_asl R_ctrl_irdaa R_ctrl_cry R_ctrl_aaw 
R_ctrl_out R_ctrl_ordaa R_ctr2_ia R_ctr2_mux_sal 
R_ctr2_irdaa R_ctr2_cry R_ctr2_aaw R_ctr2_out 
R_ctr2_ordaa R_ctr3_ia R_ctr3_onix_aal R_ctr3_irdaa 
R_ctr3_cry R_ctr3_aaw R_ctr3_out R_ctr3_ordaa 
R_icr_load R_icr_old R_icr_maak R_icr R_icr_rdaa R_ccr 
R_ccr_rdaa R_gcr R_gcr_rdsa R_ar R_ar_rdsa) 

« R_wr" / / 

1st R_catlatch_dslS = aaw_racarsiva_daf iaitioa 
falsa 
r_stats 

'R_catlatch_dalS ' 

"R_catlatch_dalS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_buaA_latch R_f am_atata 
R_fsm_ala_ R_f am_mrdy_ R_fam_last_ R_fsnL-rst R_iatO_dia 
R_iat3„dia R_c01_cout_dal R_iatl_aa R_c23_cout_dal 
R_iat2_aa R_wr R_catlatch_dal R_ardy_dal_ R_rag_aal 
R_ctrO_ia R_ctrO_mux_sal R_ctrO_irdaa R__ctrO_cry 
R_ctrO_aaw R_ctrO_out R_ctrO_ordaa R_ctrl_in 
R_ctrl_mux_aal R_ctrl_irdaa R_ctrl_cry R_ctrl_aaw 
R_ctrl_out R_ctrl_ordaa R_ctr2_ia R„ctr2_mux_aal 
R_ctr2_irdaa R_ctr2_cry R_ctr2_aaw R_ctr2_out 
R_ctr2_ordaa R_ctr3_ia R_ctr3_mux_aal R_ctr3_irdaa 
Rctr3_cry R_ctr3_aaw R_ctr3_out R_ctr3_ordaa 
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= R_cntlatch_dal" ; ? 


R_icr_load R_icr_old R_icr_mas)c R_lcr R_icr_rdan R_ccr 
R_ccr_rdan R gcr R gcr rdan R_sr R_ar_rdan) 


let R_srdy_dal_S = naw_racursiva_daf inition 
falsa 
r_atata 
'R_srdy_dal_S ' 

"R_srdy_dal_S (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm_stata 
R_f am_ala_ R_f am_mrdy_ R_fsm_last_ R_fam_rat R_intO_dis 
R_int3_dia R_c01_cout_dal R_lntl_an R_c23_cd\lt_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_aal 
R_ctrO_in R_ctrO_mux_aal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_ial R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_±n R_ctr2_ntux_aal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_lcr_load R_icr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R_gcr_rdan R_ar R_sr_rdan) 

= R_ardy_dal_ w ; / 

let R_rag_salS * naw_racursiva_daf inition 
falaa 
r_atata 
'R_rag_aalS ' 

*'R_rag_salS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_£axn_stata 

R_f am_ala_ R_f am_laat_ R_f snurst R_intO_dis 

R__int3_dia R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_ardy__dal_ R_rag_aal 
R_ctrO_in R_ctrO_nnix_aal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_aal R_ctrl_lrdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_*mix_aal 
R_ctr2__irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_ln R_ctr3_mux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_lcr_load R_icr_old R_icr_maak R_icr R_lcr_rdan R_ccr 
R_ccr_rdan R_gcr Rgcr rdan R_ar R_sr_rdan) 

* R_rag_aal w ; ; 

let R_ctrO_inS ■ naw_racursiva_daf i nit ion 
falaa 
r_atata 
'R_ctrO_inS ' 

*R_ctrO_inS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_buaA_latch R__f am_»tata 

R_fem l _ala_ R_fsm_mrdy_ R_fanulaat_ R_fsn*_rst H^lntO_d±a 
R_int3_dis R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_ardy_dal_ R_rag_aal 
R_ctrO_in R_ctrO_imix_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
Rctr l_mux_aal R_ctrl_irdan R_ct rl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_jnux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_nmx_aal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan R__gcr R _gcr_rdan R_ar R_ar_rdan) 

« R_ctrO_in"; ; 

let R_ctrO_mux_aalS * naw_racuralva_daf inltion 
falaa 
r_atata 

'R_ctrO_mux_aalS ' 

"R_ctrO_mux_aalS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fam^atata 
R_f am_ala_ R_£snumrdy_ R_fam^laat_ R__f sn*_rat R_intO_dia 
R_int3_dis R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_ardy_dal_ R_rag_aal 
R_ctrO_in R_ctrO_mux_aal R_ctrO_irdan R__ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_aal R_ctrl_lrdan R_ctrl_cry R_ctrl_naw 
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R_ctrl_out R_ctrl_ordan R_ctr2_la R_ctr2_mux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_aaw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdaa 
R_ctr3_cry R_ctr3_aaw R_ctr3_out R^ctrS^ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdaa R_ccr 
R_ccr_rdaa R_gcr R_gcr_rdaa R_sr R_sr_rdaa) 

= R_ctrO_mux_ael" ; ; 

lat R_ctrO_irdaaS * naw_racur*iva_daf iaition 
falsa 
r_stata 

'R_ctrO_irdaaS • 

J 'R_ctrO_irdanS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_bus*_latch R_fsm_atata 
R_f am_ala_ R_f *m_mrdy_ R_f am^la#t_ R_f am_rat R_intO_dis 
R_int3_dii R_c01_cout_dal R_iatl_aa R w c23_cout_dal 
R_int2_aa R_wr R_cntlatch_dal R_srdy_dal_ R_rag_aal 
R_ctrO_ia R_ctrO_mux_aal R_ctrO_irdan R_ctrO_cry 
R_ctrO_aaw R_ctrO_out R_ctrO_ordaa R_ctrl_in 
R_ctrl_mux_aal R_ctrl_irdan R_ctrl_cry R_ctrl_aaw 
R_ctrl_out R_ctrl__ordan R_ctr2_ia R_ctr2_jmix_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_aaw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_aal R_ctr3_irdaa 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdaa R_ccr 
R_ccr_rdaa R_gcr R_gcr_rdan R_er R_sr_rdaa) 

* R_ctrO_irdan" ; ; 

lat R_ctrO_cryS * naw_racmrsiva__da£ iaition 
falsa 
r_stata 
'R_ctrO_cryS ' 

"R_ctrO_cryS (RStata R_ctrO R_etrl R_ctr2 R^ctr3 R_busA_latch R^fsiA.stata 

R_fsnu*l«_ R_f •m_mrdy_ R_f an^las t_ R_fsnurst R_intO_dis 
R_int3_dis R_c 0 l_cout_da 1 R_intl_an R_c23_cout_dal 
R_lnt2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_ia R_ctrO _mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_aaw R_ctrO_out R_ctrO_ordan R_ctrl_ln 
R_ctrl_mux_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R^ctrl_ordaa R_ctr2_in R_ctr2_mux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_jnux_sal R_ctr3_irdaa 
R_ctr3_cry R_ctr3_aaw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_lcr_rdan R_ccr 
R_ccr_rdaa R g cr R gcr rdan R_sr R_ar__rdaa) 

a R_ctrO_cry"; / 

lat R_ctrO_nawS * naw_racurslva_daf initlon 
falsa 

r_stata 
'R_ctrO_aawS ' 

*R_ctrO_aawS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fam_stata 

R_fsBuala_ R_f •m__mrdy_ R_fsm_l**t_ R_fanurst R_intO_dis 
R_int3_dis R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_aa R_wr R_cntlatch_dal R_ardy_dal_ R_rag_aal 
R_ctrO_ia R_ctrO_mux_aal R_ctrO_irdaa R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordaa R_ctrl_in 
R_ctrl_mux_sal R_ctrl_irdan R_ctrl_cry R^ctrl_aaw 
R_ctrl_out R_ctrl_ordaa R_ctr2_ia R_ctr2_nux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_a aw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_nax_sal R^ctr3_lrdaa 
R_ctr3_cry R_ctr3_aaw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_lcr R_lcr_rdaa R_ccr 
R_ccr_rdaa R_gcr R_gcr_rdan R_sr R__ar_rdaa) 

« R_ctrO_naw"/ ; 

lat R_ctrO_outS = naw_racursiva_daf ini t ion 
falsa 
r_stata 
'R_ctrO_outS ' 

4, R_ctrO_outS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_f snt_«tata 

R_f sm_ala_ R_f «m_mrdy_ R_f am_last_ R_f am_rat R_int 0_dia 
R_int3_dis R_c01_cout_dal R_iatl_aa R_c23_cout_dal 
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R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_»al R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl__out R_ctrl_ordan R_ctr2_in R_c t r 2 _mux_s a 1 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_maa)c R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R_gcr_rdan R_sr R__sr_rdan) 

= R_ctrO_out " 7 i 

lat R_ctrO_ordanS = naw_racursiva_daf inition 
falsa 
r_stata 

'R_ctrO_ordanS ' 

"R_ctrO_ordanS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm_»tata 
R_fsm_ala_ R_ f s m_mr dy_ R_f »m_last_ R_f sm^rst R_intO__dis 
R_int3_dis R_c01_cout_dsl R_lntl_sn R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_ln R_ctrO_mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_imix_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_sal 
R_ctr2_irdsn R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_nrux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordaa 
R_icr_load R_lcr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdsn R„gcr R_gcr_rdan R_sr R_sr_rdan) 

= R_ctrO_ordan"; ; 


lat R_ctrl_inS * naw_racursiva_daf inition 
falsa 
r_stata 
' R_ctrl_inS ' 

"R_ctrl_inS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm_»tata 

R_f sm_ala_ R_fsm_mrdy_ R_fsm_last_ R_f sm_rst R_intO_dis 
R_int3_dis R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux„sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl„mux_aal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R__ctrl_ordan R_ctr2_in R_ctr2_mrux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_rmix_sal R_ctr3_irdan 
R_ctr3_cry R„ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R_gcr_rdan R_sr R_ar_rdan) 

■ R_ctrl_in" ; ; 

lat R_ctrl_mux_»alS = naw_ra cur siva_daf inition 
falsa 
r_stata 

'R_ctrl_jnux_salS ' 

*R_ctrl_imix_salS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm_*tata 
R_f sm_ala_ R_f sm_mrdy_ R_f sm^last_ R_f sit_rst R_intO_dis 
R_int3_dis R_c 0 l_cou t _da 1 R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_ssl R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R^ctrl_in 
R_ctrl_inux_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_nrux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_maak R_icr R^icr_rdan R_ccr 
R_ccr_rdan R_gcr R gcr rdan R_sr R_sr_rdan) 

* R_ctrl_mux_sal" ; ; 

lat R_ctrl_irdanS - naw_racursiva_daf inition 
falsa 
r_stata 
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' R_ctrl_irdanS ' 

"R_ctrl_ird*nS (RStata R__ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R^fsm.stata 
R_f sm_ala_ R_f ■m u _mrdy_ R_f sm_l*»t_ R_f anurst R_±ntO_dis 
R_int3_dia R_c01_cout_dal R_lntl_an R._c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_aal 
R_ctrO_in R_ctrO_mux_aal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R__ctrO_ordan R_ctrl_in 
R_ctrl_imxx_sal R^ctrl.irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_aal 
R_ctr2_irdan R_ctr2_cry R w ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_ln R_ctr3_mux_aal R_ctrJ_irdan 
R_ctr3_cry R^.ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_maak R_icr R_icr_rdan R_ccr 
R_ccr_rdaxx R gcr R__gcr_rdan R_sr R_ar_rdan) 

= R_ctr Iordan" ? / 

l«t R_ctrl_cryS * naw_racursiva_daf ini t ion 
falsa 
r_stata 
'R_ctrl_cryS ' 

"R_ctrl_cryS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch 

R_fsuy_ala_ R_f am_mrdy_ R_f am_last_ R_fs*_rst R_intO_dia 
R_int3_dis R_c01_cout_dal R_intl_an R_c 2 3 _cou t _da 1 
R_int2_an R_wr R w cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_nsux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_aal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R w ctrl_ordan R_ctr2_in R_ctr2_mux_aal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out K_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan, R gcr R_gcr_rdan R_sr R_sr_rdan) 

■ R_ctrl_cry" ; ; 

l*t R_ctrl_nawS * n.aw_racmrsiva_daf i nit ion 
falsa 
r_stata 
'R_ctrl_nawS ' 

"R_ctrl_nawS (RStata R_ctrO R^_ctrl R_ctr2 R_ctr3 R_busA_latch R_fso^stata 

R f sm_ala R_fsiiumrdy_ R_fsm_l*«t_ R_fsm_rst R_intO_dis 

R_int3_dis R_c01„cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_ardy_dal_ R_rag_aal 
R_ctrO_ln R_ctrO_mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_sal R_ctrl_irdan R_ctrl_cry R w ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_aal 
R_ctr2_irdan R_ctr2_cry R_ctr2_aaw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_aal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_lcr_load R_icr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R_gcr_rdan R_ar R_sr_rdan) 

* R_ctrl_naw"; ; 

lat R_ctrl_outS ■ naw_racursiva_daf inition 
falsa 
r_stata 
'R_ctrl_outS ' 

"R_ctrl_outS (RStata R_ctrO R_ctrl R_ctr2 R^ctr3 R_busA_latch R^fsm_»tata 

R_fsn^_ala_ R_f sm_mrdy_ R_f snL.last_ R_fsn*_rst R_intO_dis 
R_int3_dis R_c01_cout_dal R_intl_an. R_c23_cout_dal 
R_int2_an R_wr R_cnt latch_dal R_srdy_dal_ R_rag_aal 
R_ctrO_ln R_ctrO _jnux_sal R_ctrO_lrdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ct r l_ordan R_ctr2__in R_ctr2_mux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdaa 
R_ctr3_cry R__ctr3_naw R_ctr3_out R w ctr3_ordan 
R_icr_load R^icr.old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R gcr rdan R_sr R_sr_rdan) 

= R_ctrl_out"; ; 
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let R_ctrl_ordenS = new_re curs ive_def inition 
false 
restate 

# R_ctrl_ordenS ' 

"R_c t r l_or denS (RState R_ctrO R_ctrl R_ctr2 R_ctr3 R_bueA_latch R_fsm_*tate 
R_fsm_ale_ R_f snumrdy_ R_fsn*_last_ R_fsm_rst R_intO_dis 
R_int3_dis R_c01_cout_del R_intl_en R_c23_cout_del 
R_int2_en R_wr R_cntlatch_del R_srdy_del_ R_reg_sel 
R_ctrO_in R_ctrO_nrux_sel R_ctrO_irden R_ctrO_cry 
R_ctrO_new R_ctrO_out R_ctrO_orden R_ctrl_in 
R_ctrl_nmx_sel R_ctrl_irden R_ctrl_cry R_ctrl_new 
R_ctrl_out R_ctrl_orden R_ctr2_in R_ctr2_mux_eel 
R_ctr2_irden R_ctr2_cry R_ctr2_new R_ctr2_out 
R_ctr2_orden R_ctr3_in R_ctr3_mux_#el R_ctr3_irden 
R_ctr3_cry R_ctr3_new R_ctr3_out R_ctr3_orden 
R_icr_load R__icr_old R_icr_mask R_icr R_icr_rden R_ccr 
R_ccr_rden R_gcr R_gcr_rden R__sr R_sr_rden) 

= R_ctrl_orden" t ; 

let R_ctr2_inS = new_recuraive_def inition 
false 
restate 
'R_ctr2_inS ' 

"R_ctr2_inS (RState R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsxc*tate 

R_fsm_ale_ R_f em_mrdy_ R_f sm_last_ R_f em_rst R_intO_die 
R_int3_dis R_c01_cout_del R_int l_en R_c23_cout_del 
R_int2_en R_wr R_cntlatch_del R_erdy_del_ R_reg_sel 
R_ctrO_in R_ctrO_mux_sel R_ctrO_irden R_ctrO_cry 
R_ctrO_new R_ctrO_out R_ctrO_orden R_ctrl_in 
R_ctrl_nrux_eel R_ctrl_irden R_ctrl_cry R_ctrl__new 
R_ctrl_out R_ctrl_orden R_ctr2_in R_ctr2_mux_»el 
R_ctr2_irden R_ctr2_cry R_ctr2_new R_ctr2_out 
R_ctr2_orden R_ctr3_in R_ctr3_mux_sel R_ctr3_irden 
R_ctr3_cry R_ctr3_new R_ctr3_out R_ctr3_orden 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rden R_ccr 
R_ccr_rden R_gcr R_gcr_rden R_sr R_sr_rden) 

■ R_ctr2_in" ; / 

let R_ctr2_mux_selS » new_recursive_def inition 
false 
r_state 

'R_ctr2_mux_selS ' 

"R_ctr2_mux_selS (RState R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsnu«tate 
R_f sm„ale_ R_f sm_mrdy_ R_f sm_last_ R_f sm_rst R_intO_dis 
R_int3_dis R_c01_cout_del R_intl_en R_c23_cout_del 
R_int2_en R_wr R_cntlatch_del R_»rdy_del_ R_reg_sel 
R_ctrO_in R_ctrO_Kux_sel R_ctrO_irden R_ctrO_cry 
R_ctrO_new R_ctrO_out R_ctrO_orden R_ctrl_in 
R_ctrl_mux_eel R_ctrl_irden R_ctrl_cry R_ctrl_new 
R_ctrl_out R_ctrl_orden R_ctr2_in R_ctr2_mux_sel 
R_ctr2_irden R_ctr2_cry R_ctr2_new R_ctr2_out 
R_ctr2_orden R_ctr3_in R_ctr3_mux_sel H^ctr3_irden 
R_ctr3_cry R_ctr3_new R_ctr3_out R_ctr3_orden 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rden R_ccr 
R_ccr_rden R_gcr R_gcr_rden R_sr R_sr_rden) 

■ R_ctr2_mux_sel"; / 

let R_ctr2_irdenS = new_re cur sive_def inition 
false 
r_state 

' R_ctr2_irdenS # 

"R_ctr2__irdenS (RState R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R„f SBL_state 
R_fsm_ale_ R_f sm L _mrdy_ R_fsm_last_ R_fsnurst R_intO_dis 
R_int3_die R_c01_cout_del R_intl_en R_c23_cout_del 
R_int2_en R_wr R_cntlatch_del R_srdy_del_ R__reg_sel 
R_ctrO_in R__ctrO_mux_sel R_ctrO_irden R_ctrO_cry 
R_ctrO_new R_ctrO_out R_ctrO_orden R_ctrl_in 
R_ctrl_nnxx_sel R_ctrl_irden R_ctr l_cry R_ctrl_new 
R_ctrl_out R_ctrl_orden R_ctr2_in R_ctr2_mux_sel 
R_ctr2_irden R_ctr2_cry R_ctr2_new R_ctr2_out 
R_ctr2_orden R_ctr3_in R_ctr3_mux_sel R_ctr3_irden 
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R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_maak R_icr R_icr_rdan R_ccr 
R_ccr_rdaa R_gcr R_gcr_rdan R_sr R_ar_rdan) 

= R_ctr2_irdan"; ; 

let R_ctr2_cryS * naw_racursiva_daf inition 
falsa 
r_stata 
'R_ctr2_cryS * 

"R_ctr2_cryS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_f*nL_*tata 

R_f »m_al*_ R_fam_mrdy_ R_fam_laat_ R__f sm^rsE R_intO_dia 
R_int3_dia R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_*al R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_aal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_nrux„sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_maak R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R_gcr_rdan R_sr R_ar_rdan) 

■ R_ctr2_ciry ,T ; / 

let R_ctr2_nawS * naw_ra<rursiva_daf inition 
falsa 
restate 
'R_ctr2_nawS J 

"R_ctr2_nawS (RStata R_ctrO R_ctrl R__ctr2 R_ctr3 R_busA_latch R_fsm_*tata 

R_fsm^ala_ R_fam_mrdy_ R_fsm_laat_ R_fsn^rst R_intO_dia 
R_int3_dis R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_ardy_dal_ R__rag_aal 
R_ctrO_in R_ctrO_mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_nnix_sal R_ctrl_irdan R_ctrl_cry R^ctrl_naw 
R_ctrl_out R__ctrl_ordan R_ctr2_in R_ctr2_imxx_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_nrux_sal R_ctr3_lrdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
r_1c reload R_icr_old R_icr_maak R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R__gcr_rdan R_sr R_ar_rdan) 

- R_ctr2_naw"/ / 

let R_ctr2_outS * naw_racursiva_daf inition 
falsa 
r_stata 
'R_ctr2_outS ' 

*R_ctr2_outs (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_J>usA_lAtch IL_fsnu»tata 

R_fsnv_ala_ R_fsm_mrdy_ R_fam_last_ R_fsm_rst R_intO_dis 
R_int3_dis R_c01_cout_dal IV^intl^an R_c2 3_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_inux_sal R_ctrO_irdan R_ctrO__cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R et r l_mux_s m 1 R_ctrl_irdan R_ctrl__cry R,_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_nn»_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux__sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R^icr^rdan R_ccr 
R_ccr_rdan R_gcr R_gcr_rdan R_sr R_ar_rdan) 

■ R_ctr2_out"; j 

lat R_ctr2_ordanfl * naw_r a cur siva_daf inition 
falsa 
r_stata 

'R_ctr2_ordanS ' 

"R_ctr2_ordanS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm^stata 
R_fsnual«_ R_f snc.mrdy_ R_f sm_l**t_ R_fsa^rst R_intO_dis 
R_int3_dia R_c 0 l_cout_da 1 R_intl_an R_c23_cout_del 
R_int2_an R_wr R_cnt latch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_aal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 



R_ctrl_nrux_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R_gcr_rdan R_sr R„sr_rdan) 

= R_ctr2_ordan w / ; 

1st R_ctr3_inS = naw_racursiva_daf inition 
falsa 
r_stata 
' R_ctr3_inS ' 

"R_ctr3_inS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_bu»A_latch R_fsn*_stata 

R_fsm^ala_ R_f ■m_mrdy_ R_fam^last_ R_£am_r«t R_intO_dis 
R_int3_dis R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_nnix_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_nxux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_raux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_ma*k R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R_gcr_rdan R_sr R_sr_rdan) 

* R_ctr3_in" ; / 

lat R_ctr3_raux_salS * naw_racursiva_daf inition 
falsa 
r_stata 

'R_ctr3_mux_salS ' 

"R_ctr3_inux_salS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm^stata 
R_f sm_ala_ R_f am L _mrdy_ R_f sm_last_ R_fsnv_rst R_intO_dis 
R_int3_dis R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_lnt2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mas)c R_lcr R_icr_rdan R_ccr 
R_ccr_rdan R_ger R_gcr_rdan R_sr R_sr_rdan) 

= R_ctr3_mua_sal" ; ; 

lat R_ctr3_irdanS « naw_racursiva_daf inition 
falsa 
r_stata 

'R_ctr3_irdanS ' 

-R_ctr3_irdanS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsin_atata 
R_fsnuAla_ R_fsnumrdy_ R_fsw_l**t_ R_£sm_rst R_intO_dis 
R_int3_dis R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_etrl_±n 
R_ctrl_raux_sal R_ctrl_±rdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ct r 2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R__ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R_gcr_rdan R_sr R__sr_rdan) 

* R_ctr3_irden"; j 

lat R_ctr3_cryS ■ naw_racursiva_daf inition 
falsa 
r_stata 
'R_ctr3_cryS ' 

"R_ctr3_crys (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm_stata 

R_fsm^ala_ R_f sm_mrdy_ R_fsm_last_ R_fsn*_rst R_intO_dia 
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R_int3_dis R_cGl_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_inux_sal R_ctrO_±rdan R^ctrO^cry 
R_ctrO_naw R_ctrO_out R^ctrO_ordan R_ctrl_in 
R_ctrl_raux_*al R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_sal 
R_ctr2_irdan R_ctr2__cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3__irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R_gcr_rdan R_sr R_sr_rdan)~ 

= R_ctr3_cry" / ; 

lat R_ctr3_nawS * naw_ra<rursiva_daf ini t ion 
falsa 
r_stats 
'R_ctr3_nawS ' 

"R_ctr3_nawS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_f snv_stata 

R_fam_*l«_ R_f sm_mrdy_ R_fsm_l*st_ R_f »m_rst R_intO_dis 
R_int3_dis R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cnt latch_dal R_srdy_dal_ R_rsg_ssl 
R_ctrO_in R_ctrO_mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_naix_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_ma#k R_icr R_icr_rdan R_ccr 
R_ccr_rdan R gcr R_gcr_rdan R_sr R_sr_rdan) 

* R^ctrS^naw"; j 

lat R_etr3_outS > naw__racursiva_daf inition 
falsa 
r_stata 
'R_ctr3_outS ' 

"R_ctr3_outS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_JmsA__l*tch R_fsn*_»tata 

R_f snv_ala_ R_fsn*_mrdy_ R_f »m_last_ R_f sm^rst R_intO_dis 
R_int3_dls R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_lnt2_an R_wr R_cntlatch_dal R_srdy_dal_ R^rag_sal 
R_ctrO_in R_ctrO_mux_»al R_ctrO_irdan R_ctrO_cry 
R_ctrO__naw R_etrO_out R_ctrC__ordan R_ctrl_in 
R_ctrl_raux„sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_lcr_load R_lcr_old R_lcr_ma#Jc R_icr R_lcr_rdan R_ccr 
R_ccr_rdan R_gcr R gcr rdan R_sr R_sr_rdan) 

> R__ct r3_out " ; ; 

1st R_ctr3_ordanS « naw_racur*iva_daf lnltion 

falsa ~ 

r_stata 

'R_ctr3_ordanS # 

"R_ctr3_ordanS (RStata R_ctrO R_ctrl R_ctr2 IL.ctr3 R_J>usA_latch R^fsm_»tata 
R_fsn*_ala_ R_f sm_mrdy_ R_fsi0.ast_ R_fsn^rst R_intO_dis 
R_int3_dls R_c01_cout_dal R_lntl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_ln R_ctrO_raux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R^ctrl_in 
R_ctrl_mux_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_lcr_load R_icr_old R_icr_mas)c R_icr R_icr__rdan R_ecr 
R_ccr_rdan R_gcr R acr rdan R_sr R_sr_rdan) 

* R_ctr3_ordan w ; ; 

l«t R_icr_loadS * naw_racurslva_daf inition 
falsa 
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r_state 
'R_icr_loadS ' 

"R_icr_loadS (RState R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fem_state 

R_£em_*le_ R_f ■m^mrdy_ R_f R_f«n*_r*t R_intO_di* 

R_int3_dis R_c01_cout_del R_intl_en R_c23_cout_del 
R_int2_en R_wr R_cntlatch_del R_srdy_del_ R_reg_sel 
R_ctrO_in R_ctrO_mux_sel R_ctrO_ird*n R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux_sel R_ctrl_irden R_ctrl_cry R_ctrl_new 
R_ctrl_out R_ctrl_orden R_ctr2_in R_ctr2_mux_sel 
R_ctr2_irdan R_ctr2_cry R_ctr2_new R_ctr2_odt 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sel R_ctr3_irden 
R_ctr3_cry R_ctr3_new R_ctr3_out R_ctr3_orden 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rden R_ccr 
R_ccr_rden R_gcr R_gcr_rdan R_»r R__sr_rden) 

* R_icr_load"; / 

let R_icr_oldS = new_recursive_def inition 
false 
r_state 
' R_icr_oldS ' 

"R_lcr_oldS (RState R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm_state 

R_f sm_ale_ R_f sm_mrdy_ R_£»m_l*»t_ R_f sm_rst R_intO_di» 
R_int3_dis R_cO l_cout_del R_intl_en R_c23_cout_del 
R_int2_en R_wr R_cntlatch_del R_srdy_del_ R_reg_sel 
R_ctrO_in R_ctrO_mux_sel R_ctrO_irden R_ctrO__cry 
R_ctrO_new R_ctrO_out R_ctrO_orden R_ctrl_in 
R_ctrl_mux_*el R_ctrl_irden R_ctrl_cry R_ctrl_new 
R_ctrl_out R_c t r l_o r den R_ctr2_in R_ctr2_mux_sel 
R_ctr2_lrden R_ctr2_cry R_ctr2_new R_ctr2_out 
R_ctr2_orden R_ctr3_in R_ctr3_nrux_sel R_ctr3_irden 
R_ctr3_cry R_ctr3_new R_ctr3_out R_ctr3_orden 
R_icr_load R_icr_old R_icr_aaek R_±cr R_icr_rden R_ccr 
R_ccr_rden R _gcr R_gcr_rden R_sr R_sr_rden) 

= R_icr_old' r ? ; 

let R_icr_maskS » new_recursive_def inition 
false 
r_state 
• R_icr_maskS ' 

"R_icr_maskS (RState R.ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm^state 

R_f sm L _ale_ R_f snunirdy_ R_f »n*_l*st_ R_f sm_rst R_intO_dis 
R_int3_dis R_c 0 l_cout_de 1 R_intl_en R_c23_cout_del 
R_int2_en R_wr R_cntlatch_del R_srdy_del_ R_reg_sel 
R_ctrO_in R_ctrO_mux_sel R_ctrO_irden R_ctrO_cry 
R_ctrO_new R_ctrO_out R_ctrO_orden R_ctrl_in 
R_ctrl_imix_*el R_ctrl_irden R_ctrl_cry R_ctrl_new 
R_ctrl_out R_ctrl_orden R_ctr2_ln R_c t r 2 _mux_ ■ e 1 
R_ctr2_lrden R_ctr2_cry R_ctr2_new R_ctr2_out 
R_ctr2_orden R_ctr3_in R_ctr3_mux_sel R_ctr3_lrden 
R_ctr3_cry R^ctr3_new R_ctr3_out R_ctr3_orden 
R_icr_load R_icr_old R_icr_maek R_icr R_icr_rden R_ccr 
R_ccr_rden R_gcr R_gcr_rden R_sr R_sr_rden) 

= R_icr_mask" ; ; 

let R_icrS = new_re cur sive_def inition 
false 

restate 
' R_icrs ' 

"R_icrs (RState R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm_state 

R_f sm L _ale_ R_f sm_mrdy_ R_f sm_lest_ R_f sm^rst R_intO_dis 
R_int3_dis R_c01_cout_del R_int l_en R_c23_cout_del 
R_int2_en R_wr R_cntlatch_del R_srdy_del_ R_reg_sel 
R_ctrO_in R_ctrO_mux_sel R_ctrO_irden R_ctrO_cry 
R_ctrO_new R_ctrO_out R_ctrO_orden R_ctrl_in 
R_ctrl_mux_sel R_ctrl_irden R_ctrl_cry R_ctrl_new 
R_ctrl_out R_ctrl_orden R_ctr2_in R_ctr2_mux_sel 
R_ctr2_irden R_ctr2_cry R_ctr2_new R_ctr2_out 
R_ctr2_orden R_ctr3_in R_ctr3_mux_sel R_ctr3_irden 
R_ctr3_cry R_ctr3_new R_ctr3_out R_ctr3_orden 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rden R_ccr 
R_ccr_rden R_gcr R_gcr_rden R_sr R_sr_rden) 
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R_1 cr"/ / 


lat R_icr_rdanS ■ naw_racursiva_daf ini t ion 
falsa 
r_stata 
'R_icr_rdanS ' 

"R_icr_rdanS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm_»t»ta 

R_f am_ala_ R_f am_mrdy_ R_fsit_last_ R_fsnv_rst R_intO_dis 
R_int3_d±a R_c01_cout_dal R_±ntl_an R_c23_cout_dal 
R_±nt2_an R_wr R_cntlatch_dal R_ardy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl_mux__sal R_ctrl__irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_aal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2„out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdaa 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mas)c R_icr R_icr_rdan R_ccr 
R_ccr_rdan R_gcr R„gcr_rdan R_sr R_sr_rdan) 

= R_icr_rdan" / ; 

lat R_ccrS * naw_racursiva_daf inition 
falsa 
r_stata 
'R_ccrS ' 

"R_ccrS (RStata R_ctrO R_ctrl R_ctr2 R^ctr3 R_busA_latch R_fsm_»tata 

R_fan^_ala_ R_f sm_mrdy_ R_fsnL_last_ R_fsm_rat R_intO_dia 
R_int3_dis R^c01_cout_dal R_iatl_aa R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rsg_sal 
R_ctrO_in R u _ctrO_mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R^ctrC^ordan R u _ctrl_in 
R_ctrl_mux_aal R_ctrl_irdsn R_ctrl_cry R_ctrl_nsw 
R_ctrl_out R_ctrl_ordan R_ctr2_ln R_c t r2_mux_s a 1 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R^ctr3_in R_ctr3_mux_aal R^ctrS^irdan 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordan 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rdan R_ccr 
R_ccr_rdan R gcr R qcr rdan R_sr R_sr_rdan) 

* R_ccr"; ; 

lat R_ccr_rdanS * naw_raeursiva_daf inltlon 
falsa 
r_stata 
'R_ccr_rdanS ' 

"R_ccr_rdanS (RStata R_ctrO R^ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm_stata 

R_fsm L _ala_ R_f sm_mrdy_ R_fsiO*ast_ R_fsm_rst R_intO_di* 
R_lnt3_dis R_c 0 l_cout_da 1 R_intl_an R_c2 3_cout_dal 
R_int2_aa R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_in R_ctrO_mux_sal R_ctrO_irdan R_ctrO_cry 
R_ctrO_naw R^_ctrO_out R_ctrO_ordan R_ctrl_in 
R_ctrl _jmix_sal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_sal 
R_ctr2_irdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
R_ctr2_ordan R_ctr3_in R_ctr3_mux_sal R_ctr3_irdaa 
R_ctr3_cry R_ctr3_naw R_ctr3_out R_ctr3_ordaa 
R_icr_load R_icr_old R_icr_mask R_icr R_icr__rdan R„ccr 
R_ccr_rdan R_gcr R_gcr_rdan R_sr R_sr_rdaa) 

* R_ccr_rdan w / / 

lat R CTcrS m nav.ra curs iva_dafinit ion 
falsa 

r_stata 
"R_gcrS ' 

"R_gcrS (RStata R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fsm_stata 

R_fsm_ala_ R_f sm_mrdy_ R_fsm^last_ R_fsin_rst R_intO_dis 
R_int3_dis R_c01_cout_dal R_intl_an R_c23_cout_dal 
R_int2_an R_wr R_cntlatch_dal R_srdy_dal_ R_rag_sal 
R_ctrO_ia R_ctrO_mux_sal R^ctrO.irdan R_ctrO_cry 
R_ctrO_naw R_ctrO_out R_ctrO_ordsa R w ctrl_in 
R_ctrl_nmx_aal R_ctrl_irdan R_ctrl_cry R_ctrl_naw 
R_ctrl_out R_ctrl_ordan R_ctr2_in R_ctr2_mux_sal 
R_ctr2_lrdan R_ctr2_cry R_ctr2_naw R_ctr2_out 
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= R_gcr"; ; 


R_ctr2_orden R_ctr3_in R_ctr3_mux_sel R_ctr3_irden 
R_ctr3_cry R_ctr3_new R_ctr3_out R_ctr3_orden 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rden R_ccr 
R_ccr_rden R_gcr R_gcr_rden R_sr R_sr_rden) 


let R g cr rdenS = new_recursive_def inition 
false 
r_state 
' R q cr rdenS ' 

"R_gcr_rdens (RState R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R::* sm_state 

R_f sm_ale_ R_f anumr dy_ R_f sm^last _ R_f am_rst R_intO_dis 
R_int3_dis R__cO l_cout_del R_intl_en R_c23_cout_del 
R_int2_en R_wr R„cntlatch_del R_srdy_del_ R_reg_sel 
R_ctrO_in R_ctrO_nnix_sel R_ctrO_irden R_ctrO_cry 
R_ctrO_new R_ctrO_out R_ctrO_orden R_ctrl_in 
R_ctrl_nmx_sel R_ctrl_irden R_ctrl_cry R_ctrl_new 
R_ctrl_out R_ctrl_orden R_ctr2_in R_ctr2_mux_sel 
R_ctr2_irden R_ctr2_cry R_ctr2_new R_ctr2_out 
R_ctr2_orden R_ctr3_in R_ctr3_mur_sel R_ctr3_irden 
R_ctr3_cry R_ctr3_new R_ctr3_out R_ctr3_orden 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rden R_ccr 
R_ccr_rden R_gcr R_gcr_rden R_sr R_sr_rden) 

= R q cr rdan" ; ; 

let R_srS * new_recur*ive_def inition 
false 
r_state 
'R_arS ' 

"R_srS (RState R_ctrO R_ctrl R_ctr2 R_ctr3 R_busA_latch R_fain_state 

R_f sm L _ale_ R_fsm_mrdy_ R_fsnul»»t_ R_fsm_rst R_intO_dis 
R_int3_dis R_c01_cout_del R_intl_en R_c23_cout_del 
R_int2_en R_wr R_cntlatch_del R_ardy_del_ R_reg_sel 
R_ctrO_in R_ctrO_mux_»el R_ctrO_irden R_ctrO_cry 
R_ctrO_new R_ctrO_out R_ctrO_orden R_ctrl_in 
R_ctrl_ntux_sel R_ctrl_irden R_ctrl_cry R_ctrl_new 
R_ctrl_out R_ctrl_orden R_ctr2_in R_ctr2_mux_sel 
R_ctr2_irden R_ctr2_cry R_ctr2_new R_ctr2_out 
R_ctr2_orden R_ctr3_in R_ctr3_nxux_sel R_ctr3_irden 
R_ctr3_cry R_ctr3_new R_ctr3_out R_ctr3_orden 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rden R_ccr 
R_ccr_rden R_gcr R_gcr_rden R_sr R_sr_rden) 

* R_sr " ; i 

let R_sr_rdenS * new_recursive_def inition 
false 
r_state 

# R_ar_rdenS * 

"R_sr_rdenS (RState R_ctrO R_ctrl R_ctr2 R_ctr3 R_£usA_latch R_fsm_atate 

R_f sm^ale_ R_f sm^mrdy. R_fsm_l*st_ R_fsnt_rat R_intO_dis 
R_int3_dis R_c01_cout_del R_intl_en R_c23_cout_del 
R_int2_en R_vrr R_cntlatch_del R_ardy_del_ R_reg_sel 
R_ctrO_in R_ctrO_mux_sel R_ctrO_irden R_ctrO_cry 
R_ctrO_new R_ctrO_out R_ctrO_orden R_ctrl_in 
R__ctrl_mux_sel R_ctrl_irden R_ctrl_cry R_ctrl_new 
R_ctrl_out R_ct r l_orden R_ctr2_in R_ctr2_mujc_sel 
R_ctr2_irden R_ctr2_cry R_ctr2_new R_ctr2_out 
R_ctr2_orden R_ctr3_in R_ctr3_mux_sel R_ctr3_irden 
R_ctr3_cry R_ctr3_new R_ctr3_out R_ctr3_orden 
R_icr_load R_icr_old R_icr_mask R_icr R_icr_rden R_ccr 
R_ccr_rden R_gcr R_gcr_rden R_sr R_sr_rden) 

= R_sr_rden" ; ; 
let State_CASHS * 

prove_cases_thm ( prove _induction_thm restate)/? 

let State_Selectore_Wor)c ■ prove_thm 
( 'State_Selectors_Work' , 

"!sj r_state . 

s » (RState (R_ctrOS s) (R_ctrlS s) (R_ctr2S •) (R_ctr3S s) 

(R_busA_latch 3 s) (R_f aia_stateS s) (R_fsm^ale_S s) 

( R_f sm u _mrdy_S s) (R_f snul**t_S s) (R_fsm_rstS s) 
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( R_int 0_di»S a) (R_int3_diaS •) (R_c01_cout_dalS a) 

(R_intl_anS a} (R_c23_cout_dalS a) (R_int2_anS a) (R_wrS a) 

( R_cnt lat ch_da IS a) (R_ardy_dal_S a) (R_rag_aalS a) 

(R_ctrO_inS a) (R_ctrO_jmix_aalS a) (R_ctrO_irdanS a) 
(R_ctrO_cryS ■ ) (R_ctrO_nawS a) (R_ctrO_outS a) 

<R_ctrO_ordanS a) (R_ctrl_inS a) (R_ctrl_raujL_aalS a) 
(R_ctrl_irdanS a) (R_ctrl_cryS a) (R_ctrl_nawS a) 

(R_ctrl_outS a) (R_ctrl_ordanS a) (R_ctr2_lnfl a) 
(R_ctr2_mux_aalS a) (R_ctr2_irdanS a) (R_ctr2_cryS a) 
(R_ctr2_nawS a) (R_ctr2_outS a) (R_ctr2_ordanS a) 

(R_ctr3_inS a) (R_ctr3_nnix_aalS a) (R_ctr3_irdanS a) 
(R_ctr3_cryS a) (R_ctr3_nawS a) (R_ctr3_outS a) 

(R_ctr3_ordanS a) (R_icr_loadS a) (R_icr_oldfl a) 

(R_icr_maakS a) (R_icrS a) (R_icr_rdanS a) (R_ccrS a) 
(R_ccr_rdanS a) (R_gcrS a) (R gcr rdanS a) (R_arS a) 

( R_a r_rdanS a ) ) * , 

GKN_TAC 

THEN STRUCT_CASES_TAC (SPEC “ajr.aUta* Stata_CASBS) 

THEN RBWRITB_TAC [R_ctrOS; R_ctrlS; R_ctr2S; R_ctr3S; 

R_buaA_latchS / R_f am_atataS; R_f am u _ala_S ; 

R_f ai^_nirdy_S ; R_f ara^laat_S; R_fam_ratS/ R_intO_diaS; 

R_int3_diaS; R^c01_cout_dalS; R_intl_anS/ R_c23_cout_dalS ? 

R_int2_anS ; R_wrS; R_cntlatch_dalS/ R_ardy_dal_S ; 

R_rag_aalS; R_ctrO_inS; R_ctrO_mux_aalS; R_ctrO_irdanS ; 

R_ctrO_cryS/ R_ctrO_nawS; R_ctrO_outSj R_ctrO_ordanS? 

R_ctrl_inS j R_ctrl_mux_aalS; R_ctrl_irdanS; R_ctrl_cryS/ 

R_ctrl_nawfl; R_ctrl_outS; R_ctrl_ordanfl; R_ctr2_inS; 

R_ctr2_nnix_aalS/ R^ctr2_irdanfl; R_ctr2_crySj R^ctr2__nawS; 

R_ctr2_outS/ R_ctr2_ordanS; R_ctr3_inS; R_ctr3_jnux_aalS; 

R_ctr3_irdanfl; R_ctr3_cryS; R_ctr3_nawS; R_ctr3_outS; 

R_ctr3_ordanfl; R_icr_ loads/ R_icr_oldS/ R_icr_/naakS / 

R_icrS; R_icr_rdanS; R__ccrS; R__ccr_rdanS/ R gcrS; 

R_gcr_rdanS; R_arS/ R_ar_rdanS] 

) ;/ 


% 

Abatract data typa for tha anvironmant . 




lat r_anv « 

da f ina_typa ' r_anv ' 

' r_anv * RBnv bool#bool wordntwordn bool# bool bool# bool 
wordntwordn bool# bool booltbool booltbool 
wordntwordn wordntwordn booltbool booltbool 
wordntwordn wordntwordn wordntwordn booltbool 
booltbool wordntwordn ' / ; 

lat RatB ■ naw_racuralva_daf inition 
falaa 
r_anv 
'Rats ' 

"RatB (RBnv Rat I_ad_in I_rala_ I_laat_ I_ba_ I_mrdy_ Diaabla_int 

Diaabla_writaa Cpu_f ail Raaat_cpu Piu_fail Pnn^fail S_atata Id 
ChannallD CB_parity MB_parity C_aa) 

« Rat"; / 

lat I_ad_inB * naw_racrureiva_dafinition 
falaa 
r_anv 
' I_ad_inK ' 

"I_ad_inE (RBnv Rat I_ad_in I_rala_ I_laat_ I_ba_ I_mrdy_ Diaabla_int 

Diaabla.writaa Cpu_fail Raaat_cpu Piu_fail Pranufail S_atata Id 
ChannallD CB_parity HB_parity C_aa) 

* I_ad_in" ; / 

lat I_rala_E * naw_racuraiva_daf inition 
falaa 

r_anv 
' I_rala_B ' 

*I_rala_B (RBnv Rat I_ad_in I_rala_ I_laat_ I_ba_ I__mrdy_ Diaabla_int 

Diaabla_wxitaa Cpu_fail Raaat_cpu Piu_fail Pn*t_fail S_atata Id 
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ChannellD CB_parity MB_parity c_ss) 

= I_rala_" ; ; 

let I_last„B = new_recursive_def inition 
falsa 
r_env 
' I_last_B ' 

"I_laitJ (RBnv Rst I_ad_in I_rale_ I_last_ I_ba_ I_mrdy_ Disable_int 

Disable_writes Cpu_fail Reeet_cpu Plu_fail Prom_f all S_state Id 
ChannellD CB_parity MB_parity C_ss) 

= I_last _" ; ) 

let I_be_E = new_recursive_def inition 
false 
r_env 
' I_be_B ' 

"I_be_E (RBnv Rst I_ad_ln I_rale_ I_last_ I_be_ I_mrdy_ Disable_lnt 

Disable_writes Cpu_fail Reset_cpu Piu__fail Pmn_£*il S_state Id 
ChannellD CB__parity MB_parity C_ss) 

* I_be _" ; } 

let I_mrdy_B * new_recursive_def inition 
false 
r_env 
' I_mrdy_B ' 

"I_mrdy_B {RBnv Rst I_ad_in I_rale_ I_last_ I_be_ I_mrdy_ Disable_int 

Disable_writes Cpu_fail Reset_cpu Piu_fail S_state Id 

ChannellD CB_parity MB_parity C_ss) 

* I_mrdy_' f ; ; 

let Disable_intB = new_re curs ive_def inition 
false 
r_env 

'Disable_intB 1 

"Disable_intB (RBnv Rst I_ad_in I_rale_ I_last_ I_be_ I_mrdy_ Disable_int 
Disable__writes Cpu_fail Reeet_cpu Piu_fail Pnan^fail S_state Id 
ChannellD CB_parity MB_parity C_ss) 

3 Disable_int"/ ; 

let Disable_writesB * new_recursive_def inition 
false 
r_env 

' Disable_wr it esB ' 

"Disable_writesB (RBnv Rst I_ad_in I_rale_ I_last_ I_be_ I_mrdy_ Disablement 
Disable_writes Cpu_fail Reset_cpu Piu_fail Pran_f ail S_state Id 
ChannellD CB_parity MB_parity C_ss) 

* Disable_writes" ; ; 

let Cpu_failB » new_recursive_def inition 
false 
r_env 

'Cpu_f ailB * 

"Cpu_f ailB (RBnv Rst I_ad_in I_rale_ I_last_ I_be_ I_mrdy_ Disable_int 

Disable_writes Cpu_fail Reset_cpu Piu_fail Pmn^fail S_state Id 
ChannellD CB_parity MB_parity C_ss) 

= Cpu_f ail" ; ; 

let Reset_cpuB * new_recursive_def inition 
false 
r_env 

'Reset_cpuB ' 

"Reset_cpuE (RBnv Rst I_ad_in I_rale_ I_last_ I_be_ I_jnrdy_ Disable_int 

Disable_writes Cpu_f ail Reset_cpu Piu_fail Pnnn_fail S_etate Id 
ChannellD CB_parity MB_parity C_ss) 

* Reset_cpu">; 

let Piu_failE * new_recursive_def inition 
false 
r_env 

' Piu_f ailB ' 

"Piu_f ailB (RBnv Rst I_ad_in I_rale_ I_last_ I_be_ I_mrdy_ Disable_int 

Disable_writes Cpu_fail Reset_cpu Piu_fail Pinm_fail S_state Id 
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Channel ID CB_parity MB_parity C_ss) 

■ Piu_fail";; 

l«t Pnan^failE = naw_racursiva_daf tnition 

falsa 

r_anv 

' Pn*H_f ailB * 

(RBnv Rat X_ad_in I_rala_ I_last_ I_ba_ I_mrdy_ Disabla_int 
Disabla_writas Cpu_fall Ra#at_cpu Piu_fail Pmn_fall S_atata Id 
ChannallD CB_parity MB_parity C_ss) 

» Pmm_f all" / ; 

l#t S_stataB = naw_racuralva_daf inltlon 
falsa 
r_anv 
r S_stataB' 

"S_ stataB (RBnv Rst I_ad_in I_rala_ I_last_ I_ba_ I__mrdy_ Dlsabla_int 

Disabla_writas Cpu_fail Rasat_cpu Piu_fail Pnan_f*H S_stata Id 
ChannallD CB_parity MB_parity C_ss) 

» S_stata"; ; 

lat IdB - naw_racursiva_daf inltlon 
falsa 
r_anv 
' IdB ' 

"IdB (RBnv Rst I_ad_in I„rala_ I_last_ I_ba_ I_mrdy_ Disabla_int 

Disabla_wrltas Cpu_fail Rasat_cpu Piu__fail Pn«n_fail S_stata Id 
ChannallD CB_parity MB_parity C_ss) 

« Id"; / 

lat ChannallDB * na w_ra cur siva_daf inltlon 
falsa 
r_anv 

' ChannallDB ' 

"ChannallDB (RBnv Rst I_ad_in I_rala_ I_last_ I_ba_ I_mrdy_ Disabla_int 

Disabla_wrltas Cpu_f ail Rasat_cpu Plu_fail PxoRL_fail S_stata Id 
ChannallD CB_parity MB_parity C_ss) 

= ChannallD";; 

lat CB_parityB « naw_racursiva_daf inltlon 

falsa 

r_anv 

# CB_parity8 ' 

"CB_parityB (RBnv Rst I_ad_in I_rala_ i_last_ I_ba_ I_mrdy_ Disabla_int 

Disabla_writas Cpu_fail Rasat_cpu Piu_fall Pxnnufail S_stata Id 
ChannallD CB_parity MB_parity C_ss) 

■ CB_parity" ; ; 

lat MB_parityB « naw_racursiva_daf inltlon 
falsa 
r_anv 

'MB_parityB ' 

"MB_parityB (RBnv Rst I_ad_in I_rala_ I_last_ I_ba_ I_mrdy_ Disabla_int 

Disabla_wxitas Cpu_fail Rasat_cpu Piu_fall S_stata Id 

ChannallD CB_parity MB_parity C_ss) 

• MB_parity" ; / 

l«t C_ssB « naw_racursiva_daf inltlon 
falsa 

r_anv 
' C_ssB ' 

"C_ssB (RBnv Rst I_ad_in I_rala_ I_last_ I_ba_ I_mrdy_ Disabla_int 

Disabla_writas Cpu_fail Rasat_cpu Piu_fail Pnmufail S_stata Id 
ChannallD CB_parity MB_parity C_ss) 

* C_ss"// 

lat Bnv_CASBS * 

prova_casaa_thm (prova_induction_thin r_anv) ; ; 

lat Bnv_Salactors_Work « prova_thm 
{ 'Bnv_Salactors_Wor)c' , 

"lat r_anv . 
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• * 


( REnv (R»tB •) (I_ad_inB a) (I_rala_E •) (I_laat_B •) (I_ba_B •) 

(I_mrdy_E a) (Disabla_intE a) (Disabla_writasE •) (Cpu_failB a) 
(Raaat_cpuB a) (Piu_failK a) (Pmm_failB a) (S_stataB a) <IdB a) 
(ChannallDK a) (CB_parityB a) (MB_parityB a) (C_ssB a))", 

GBN_TAC 

THBN STRUCT_CASBS_TAC {SPBC "ajr.anv* Bnv_CASBS ) 

THEN RBWRI TB_TAC [RatB; I_ad_inB; I_rala_E; I_last_B; I_ba_B; I_mrdy_K ; 

Disabla_intB; Disabla_wr it aaB; Cpu_failB; Rasat_cpuB; 
Piu_f ailB; Pmm_failE; S_stataB/ IdB; ChannallDK; 
CB_parityK? MB_parityB; C_ssE] 

); ; 


% 

Abstract data type for tha output. 


% 


lat r_out = 

dafina_typa 'r_out' 

'r_out = ROut busn#busn wira#wira bool#bool bool#bool bool#bool 
bool# bool wordn#wordn wordntwordn booltbool 
booltbool * ; ; 

1st I_ad_outO * naw_racursiva_daf ini t ion 
falsa 
r_out 

* I_ad_outO * 

«I_ad_outO (ROut I_ad_out I_srdy_ IntO_ Inti Int2 Int3_ Ccr Lad 
Rasat_arror Pinm_invalid) 

b I_ad_out * ; ; 

lat I_srdy_0 * naw_racursiva_daf inltion 
falsa 
r_out 
1 l_srdy_0' 

"l_srdy_0 (ROut I_ad_out I_trdy_ IntO_ Inti Int2 Iat3_ Ccr Lad 
Rasat_arror Pnsn_invalid) 

* I_srdy_" ; ; 

lat IntO_0 * naw_racursiva_daf inition 
falsa 
r_out 
' IntO_0' 

"IntO_0 (ROut I_ad_out I_srdy_ IntO_ Inti Int2 Int3_ Ccr Lad 
Rasat_arror Pinm_invalid) 

= IntO_* ; ; 

lat IntlO * naw_racursiva_daf inltion 
falsa 

r_out 
' IntlO' 

* IntlO (ROut I_ad_out I_srdy_ IntO_ Inti Int2 Int3_ Ccr Lad 
Rasat_arror PiwiL_invalid) 

= Inti*;; 

lat Int20 * naw_racursiva_daf inition 
falsa 
r_out 
' Int20' 

"Int20 (ROut I_ad_out I_srdy_ IntO_ Inti Int2 Int3_ Ccr Lad 
Rasat_arror Pnm_iavalid) 

= Int2* ; ; 

lat Int3_0 = naw_racursiva_daf inition 
falsa 
r_out 
' Int3_0 ' 

*Int3_0 (ROut I_ad_out I_srdy_ IntO_ Inti Int2 Int3_ Ccr Lad 
Rasat.arror Pi«n_invalid) 

* Int3_" ; / 

lat CcrO * naw_racursiva_daf inition 
falsa 
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r_out 

'CcrO' 

"CcrO (ROut I_ad_out I_srdy_ IntO_ Inti Int 2 Int3_ Ccr Lad 
R«s«t_arror Pranuinvalid) 

= Ccr"/; 

lat LadO = naw_racursiva_daf inition 

falsa 

r_out 
' LadO' 

"LadO (ROut I_ad_out I_srdy_ IntO_ Inti Int 2 Int3_ Ccr Lad 
Rasat.arror Pnn0.nvalid) 

* Lad" ; / 

lat Raaat_arrorO - naw_racursiva_daf inition 
falsa 
r_out 

'Rasat_arrorO ' 

"Ras a t_ar rorO (ROut I_ad_out I_srdy_ IntO_ Inti Int2 Int3_ Ccr Lad 
Rasat_arror Pant^lnvalid) 

» Rasat_arror"; ; 

lat Pmm_invalidO * naw_racursiva_daf ini t ion 
f alsa 
r_out 

' Pimn_ i nva 1 i do ' 

"Pmm__invalidO (ROut I_ad_out I_srdy_ Int 0_ Inti Int2 Int3_ Ccr Lad 
Raaat_arror Pm®_invalid) 

* Pmnuiovalid"; ; 


lat Out_CASBS - 

prova_casa*_thm (prova_induction_thm r_out);; 


lat Out_Salactors_Work * prova_thm 
( ' Out_Salactors_Work ' , 

" ! p * r_out . 

p * (ROut (I_ad_outO p) (I_srdy_0 p) (Int0_O p) (Int 10 p) (Int 20 p) 

(Int3_0 p) (CcrO p) {LadO p) (Raaat_arrorO p) ( Pnnn_i nva lido p))", 

QBN_TAC 

THEN STRUCT_CASBS_TAC (SPBC "pir_out" Out_CASKS) 

THBN RBWRITB_TAC [I_ad_outO; I_ardy _07 IntO_0/ IntlO; Int20; Int3_0; CcrO / 
LadO; R#sat_arrorO; Pmm_invalidO] 




closa_thaory ( ) ; ; 


% 

Filat rblock_daf .ml 

Author; (c) D.A. Fura 1992-93 

Data; 5 March 1993 

This fils contains tha ml sourca for tha gata-laval spacification of tha 
R-Port of tha FTBP PIU, an ASIC davalopad by tha Bmbaddad Procassing 
Laboratory, Boaing High Tachnology Cantar. 


% 

a at aaarch path ( saarch_path( ) <3 [ ' /homa/alvis6/dfura/f tap/piu/hol/rport / ' ; 

1 /hooa/alvisfi/dfura/f tap/piu/hol/lib/ ' ; 

' /hooa/alvis6/dfura/hol/Library/abs_thaory/ ' ; 

' /homa/alvis6/dfura/hol/Library/tools/ ' j 
' /homa/alvis6/dfura/hol/ml/ ' 

]>;; 


sat.flag ('timing', trua) ; ; 
systam 'rm rblock_daf . th # ; / 
naw_thaory ' rblock_daf ' ; / 
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loadf ' aba_thaory # 7 7 
loadf ' aux_daf a ' ; ; 


map naw_parant [ * raux_daf ' / ' wordn_daf * / ' array_daf ' ; ' countara_daf ' ; ' inaq ' ] ; ? 
map load parent [ 'gataa_daf 1 ' ; * ff a__daf ' ; ' latchas_daf ‘ ; 'datapatha_daf 1 ' ; 
'piuaux_daf ' / 'buaai_daf ' ] ; / 


lat RBP_ty = abs_typa_inf o (thaoram 'piua^u^daf' 'RBP ' ) J ; 


-Port controllar atata machina. 


lat FSM_QATB * naw_daf inition 
( ' FSM_OATB ' , 

*• i {ala_in_ mrdy_ln_ la»t_in_ rat_in j tlma->bool#bool) 

(atata £ tima->rf *m L _ty) 

(ala_ mrdy_ laat_ rat : t ima- >bool ) 

(aO_out al_out cntlatch_out ardy_out_ : tlma->bool#bool) . 

FSM_OATB ala_in_ mrdy_in_ laat_in_ rat_in 
ala_ mrdy_ laat_ rat atata 
aO_out al_out cntlatch_out ardy_out_ * 

! ( t : t ima ) . 

(atata (t+1) * 

(rat t) *> RI 1 

((atata t) = RI) ■> ( (-ala_ t) *> RA I RI) I 
((atata t) * RA) -> ((-mrdy_ t) *> RD I RA) I 
<-laat_ t) «> RI I RA) /\ 

(ala_ (t+1) * BSal (ala_in_ t ) ) A 
(mrdy_ (t+1) = BSal (mrdy_in_ t) ) A 
(laat_ (t+1) * BSal (laat_in_ t) ) /\ 

(rat (t+1) « BSal (rat_in t) ) /\ 

( aO_out t - ((atata (t+1) * RD ) , (atata (t+1) - RD) ) ) A 
(al_out t * 

(((atata (t+1) « RA) \/ (atata (t+1) « RD) ) , 

((atata (t+1) « RA) \/ (atata (t+1) « RD) ) ) ) A 
(cntlatch_out t * 

(((atata t * RI) A ~ala_ t), ((atata t = RI) A -ala_ t))) /\ 
(ardy_out_ t * 

((-((atata t « RA) A ~mrdy_ t)), (-((atata t * RA) A ~mrdy_ t))))" 


% 

R_wr latch da£ inition. 




lat Wr_Uat_OATK ■ naw_da£ inition 
( 'Wr_Lat_QATB ' , 

"l ( iad_in : tima- >wordn#wordn) 

( wr_inB wr_outQ t tima->bool#bool) 

(r_wr : t ima- > bool ) 

Wr_Lat_OATK iad_in wr_iaS r_wr wr_outQ ■ 

1 ( 1 1 1 ima ) . 

( r_wr (t+1) * 

(BSal (wr_inB t)) ■> (BLRKBMT (BSal(iad_in t)) (27)) I r_wr t) /\ 

(wr_outQ t - (r_wr t, r_wx (t+1)))* 

) ; ; 


Oanaration logic for control aignala dp_r#ad, r_writa, r_raad, icr_rd_an, 
»rdy_an. 


lat RW_Siga_OATE * naw_daf inition 
( ' RW_Siga_OATB ' , 

« I (r_wr aO al diaabla_writaa dp_raad r_writa r_raad : t ima- > bool# bool) 
(icr_rd_an ardy_an t tima->bool#bool) 

RW_Siga_QATB r_*rr aO al diaabla_writaa dp_raad r_writa r_raad icr_rd_an 
ardy_an * 

! (titima) . 

(dp_raad t * 
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);/ 


( ( (~ASal(r_wr t)) /\ (ASal(sO t) \/ (ASalfsl t) ) ) ) , 

( (-BSsl (r_wr t)) /\ (BSsl ( sO t) \/ (BSsl(sl t)))))) 
( r_ writs t ■ 

( (-ASal(disabls_writas t) /\ ASal(r_wr t) /\ ASal(aO 
ASsl (si t) ) , 

( ~BSsl (diaabls_writaa t) /\ BSsl(r_wr t) /\ BSsl(sO 
BSsl (si t > ) ) ) /\ 


( r_r sad t * 

((~ASsl(r_wr t) A ~ASsl(sO t) A ASsl (si t)), 
(-BSsl(r_wr t) A ~BSsl(aO t) A BSsl (si t ) > ) ) /\ 
( icr_rd_sn t * 

( ( -ASsl ( *0 t) /\ ASsl (si t) ) , 

( -BSsl ( *0 t) A BSsl (si t ) ) > ) /\ 


( srdy_sn t * 

( (ASsl ( sO t) \/ ASsltsl t)), 
(BSsl ( sO t) \/ BSsl (si t))))" 


/\ 

t) 

t) 


/\ 

A 


% 

R_rsg_ssl count sr and logic . 


■% 


1st Rsg_Sal_Ctr_QATB * nsw_dsf inition 
( 'Rag_Sal_Ctr_OATB ' , 

" l (iad_in outQ \ tims->wordn#wordn) 

{inL inU_ : tims->bool#bool ) 

(r_rsg_ssl t tims->wordn) 

Rsg_Ssl_Ctr_QATK iad_in inL inU_ r_rsg_ssl outQ ■ 

! (t x tima) . 

(r_rsg_ssl (t+1) « 

(BSsl (inL t)) *> SUBARRAY (BSsl(iad_in t ) ) (3,0) | 

( -BSsl ( inU_ t)) *> INCN 3 (r_rsg_ssl t) 1 r_rsg_ssl t) A 
(outQ t * 

( ( (-ASsl (inU_ t)) *> INCN 3 (r_rsg_ssl t) I r_rsg_asl t), 

( ( -BSsl ( inU_ t)) INCN 3 (r_rsg_ssl t) | r_rsg_ssl t)))" 
i ;; 


% 

Osnsration logic for rsgistsr fils control signals. 


% 


1st Rsg_Pils_Ctl_QATB » nsw_dsf inition 
( 'Rag_Pila_Ctl_aATE' , 

*! (rsg_ssl t tims->wordn#wordn) 

(writs rsad icr_rd_sn cir_wr01 cir_wr23 c0ir_wr c0ir_rd : tims-> bool# bool ) 
(c0or_rd clir_wr clir_rd clor_rd c2ir_wr c2ir_rd c2or_rd : tim*->bool#bool) 
(c3ir_wr c3ir__rd c3or_rd icr_wr_f ssdbacfc icr_sslsct icr_rd t tims->bool#bool) 
( ccr_wT ccr_rd gcr_wr gcr_rd sr_rd : tims-> bool# bool) . 

Rsg_Fils_Ctl_aATB rsg_ssl writs rsad icr_rd_sn 
cir_wr01 cir_wr23 

cOir_wr c0ir_rd c0or_rd clir_wr clir_rd clor_rd 
c2ir_wr c2ir_rd c2or_rd c3ir_wr c3ir_rd c3or_rd 
icr_wr_f ssdback icr_sslsct icr_rd 
ccr_wr ccr_rd gcr_wr gcr_rd sr_rd * 

1 (t i tiros) . 

(cir_wr01 t * 


( (ASsl (writs 

t) 

A 

( (ASsl (rsg.ssl 

t) = WORDN 

3 

8) \/ 




( ASsl (rsg_ssl 

t) = WORDN 

3 

9))), 

(BSsl (writs 

t) 

A 

( (BSsl (rsg_ssl 

t) - WORDN 

3 

8) \/ 




(BSsl (rsg_ssl 

t ) * WORDN 

3 

9))))) A 

( cir_wr23 t * 







( (ASsl (writs 

t) 

A 

( (ASsl (rsg_ssl 

t) - WORDN 

3 

10) \/ 




( ASsl (rsg_ssl 

t) = WORDN 

3 

11))), 

(BSsl (writs 

t) 

A 

( (BSsl (rsg_ssl 

t ) = WORDN 

3 

10) \/ 




(BSsl (rag_ssl 

t ) « WORDN 

3 

11))))) A 

(c0ir_wr t * 







( (ASsl (writs 

t) 

A 

(ASsl (rag_sal t 

t ) a WORDN 3 

i 8)), 

(BSsl (writs 

t) 

A 

(BSsl (rsg_ssl i 

t) - WORDN 3 

i 8)))) A 


(c0ir_rd t ■ 

( (ASsl (rsad t) A (ASsl (rsg.ssl t) = WORDN 36)), 
(BSsl (rsad t) /\ (BSsl ( rsg_ssl t) & WORDN 3 8)))) A 


(c0or_rd t * 


106 


( {ASel ( read t) /\ ( ASel (reg_eel t) « WORDN 3 12)), 

(BSel ( read t) /\ (BSel(reg_eel t) * WORDN 3 12)))) /\ 

(clir_wr t * 

((ASel (write t) /\ (ASel (reg_sel t) * WORDN 3 9)), 

(BSel (write t) /\ (BSel (reg_sel t) * WORDN 3 9)))) A 

(clir_rd t ■ 

( (ASel (read t) A (ASel (reg_*el t) - WORDN 39)), 

(BSel (read t) /\ (BSel ( reg_eel t) ■ WORDN 3 9)))) A 

(clor_rd t * 

((ASel (read t) /\ ( ASel ( reg_sel t) * WORDN 3 13)), 

(BSel (rtad t) /\ (BSel ( reg_eel t) * WORDN 3 13)))) A 

(c2ir_wr t * 

( (ASel (write t) /\ (ASel (reg_eel t) - WORDN 3 10)), 

(BSel (write t) A (BSel (reg_eel t) * WORDN 3 10)))) A 

(c2ir_rd t ■ 

( (ASel (read t) /\ (ASel ( reg_ael t) - WORDN 3 10)), 

(BSel (read t) A (BSel ( reg_eel t) ■ WORDN 3 10)))) A 

(c2or_rd t * 

( (ASel (read t) /\ ( ASel (reg_sel t) « WORDN 3 14)), 

(BSel (read t) /\ (BSel (reg_eel t) * WORDN 3 14)))) A 

(c3ir_wr t * 

{(ASel (write t) /\ (ASel (reg_eel t) « WORDN 3 ID), 

(BSel (write t) A (BSel ( reg_eel t) * WORDN 3 11)))) A 

(c3ir_rd t * 

((ASeltread t) A {ASel { reg_ael t) * WORDN 3 11)), 

(BSel (read t) A (BSel ( reg_eel t) « WORDN 3 11)))) A 

(c3or_rd t * 

((ASeltread t) A (ASel ( reg_ael t) - WORDN 3 15)), 

(BSel (read t) A (BSel ( reg_eel t) • WORDN 3 15)))) A 

( icr_wr_f eedback t ■ 

{(ASel (write t) A { (ASel (reg_ael t) * WORDN 3 0) \/ 

(ASel (reg_ael t) - WORDN 3 1))), 

(BSel (write t) A ( (BSel (reg_sel t) ■ WORDN 3 0) \/ 

(BSel (reg_eel t) - WORDN 3 1))))) A 

(icr_eelect t * 

( (- {ASel (reg_ael t) » WORDN 3 1)), 

(~(BSel(reg_»el t) - WORDN 3 1)))) A 
(icr_rd t ■ 

( (ASel (icr_rd_en t) A ( {ASel (reg_eel t) - WORDN 30) \/ 

(ASel ( reg_eel t) - WORDN 3 1))), 
(BSel ( icr_rd_en t) A ( (BSel ( reg_eel t) - WORDN 3 0) \/ 

(BSel ( reg_.ee 1 t) - WORDN 3 1))))) A 

(ccr_wr t « 

((ASel (write t) A (ASel (reg_ael t) * WORDN 3 3)), 

(BSel (write t) A (BSel (reg_sel t) • WORDN 3 3)))) A 

(ccr_rd t ■ 

((ASel (read t) /\ (ASel (reg_*el t) ■ WORDN 3 3)), 

(BSel (read t) A (BSel (reg_eel t) ■ WORDN 33)))) A 
( gcr_wr t ■ 

((ASel (write t) A (ASel (reg_eel t) ■ WORDN 3 2)), 

(BSel (write t) A (BSel (reg_eel t) * WORDN 32)))) A 

(gcr_rd t * 

((ASeltread t) A (ASel ( reg_eel t) * WORDN 3 2)), 

(BSel (read t) A (BSel ( reg_eel t) * WORDN 3 2)))) A 

( er_rd t - 

((ASel (read t) A ( ASel (reg_eel t) ■ WORDN 3 4)), 

(BSel ( read t) A (BSel (reg_eel t) * WORDN 3 4))))" 


% 

Input logic for R_intl_en, R_int2_en latchee. 


let Ctr_Int_Logic_OATB - new_def inition 
( 'Ctr.Int.Logi^QATB' , 

"\ (one_ahot interrupt reload cout cout_del cir_vr : time->bool#bool) 
(cout_out int_en_inR int_en_inS int_en_inB c_ld ; time->bool#bool ) . 

Ctr_Int_Logic_OATB one_ehot interrupt reload cout cout_del cir_wr 

cout_out int_en_inR int_en_inS int_en_inB c_ld = 

I ( t : t ime ) . 

( cout out t * {(ASel (cout t) ), ASel (cout t) ) ) A 

(int_en_inR t = 
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( ( (ASal(ona_#hot t) /\ ASal(cout_dal t)) \/ -ASal (intar rupt t)), 

{ (BSal(ona_»hot t) /\ BSal(cout_dal t)) \/ -BSal (intarrupt t)))) /\ 
( int_an_inS t » 

( {AS# 1 ( interrupt t) /\ {(ASal(cout t) /\ ASal(raload t)) \/ 

AS#1 (cir_wr t) ) ) , 

{BS#1 (interrupt t) /\ (<Afl#l(cout t) /\ BS#l(r#load t)) \/ 
BSal(cir_wr t))))) /\ 

( int_an_inB t * 

( (AS#l(int_#n_inR t) \/ AS#1 ( int_an_iaS t) ) , 

(BS#l(int_#n_inK t) \/ BS#1 ( int_an_inS t ) ) ) ) /\ 

( c_ld t * 

( ( ( ASal ( cout t) /\ ASal(raload t) ) \/ ASal(cir_wr t)), 

((ASal(cout t) A BS#1 (reload t)) \/ BSal(cir_wr t)))) w 



Input Xogic for R_int0_an, R_int3 

_an latchaa. 



% 

x#t 

And_Traa_OATE « n#w_d#f inition 








{ ' And_Tr##_OATE ' , 










"\ (icr t tima->wordn#wordn) 









(outO out3 t tima->bool#bool) 








And_Traa_QATB icr 

outO out3 * 








! (titima) . 










(outO t * 










( ( (ELEMENT 

(AS#X ( icr 

t) ) 

(on 

/\ 

(ELEMENT 

(ASaKier t) > (8) ) \/ 


{ELEMENT 

(AS#X ( icr 

t) ) 

an 

/\ 

(ELEMENT 

(ASaKier t) ) (9) ) \/ 


(ELEMENT 

(AS#X( icr 

t) ) 

(2)) 

/\ 

(ELEMENT 

(ASaKier t)) (10)) 

\/ 


(ELEMENT 

(AS#X ( icr 

tn 

(3)) 

/\ 

(ELEMENT 

(ASaKier t)) (11)) 

\/ 


(ELEMENT 

(AS#I ( icr 

t) ) 

(4)) 

/\ 

(ELEMENT 

(ASaKier t) ) (12)) 

\/ 


(ELEMENT 

(AS#X ( icr 

t) ) 

(5)) 

A 

(ELEMENT 

(ASaKier t)) (13)) 

\ i 


(ELEMENT 

(AS#X (icr 

tn 

(6)) 

A 

(ELEMENT 

(ASaKier t)) (14)) 

\ / 


(ELEMENT 

(AS#l(icr 

t) ) 

(7)) 

A 

(ELEMENT 

(ASaKier t) ) (15))) 

9 


( (ELEMENT 

(AS#X ( icr 

tn 

(0)) 

A 

(ELEMENT 

(ASaKier t) ) ( B) > \/ 


(ELEMENT 

(AS#X (icr 

t>) 

cm 

A 

(ELEMENT 

(ASaKier t) ) (9)) \/ 


(ELEMENT 

(AS#X (icr 

t>) 

(2)) 

A 

(ELEMENT 

(ASaKier t) ) (10)) 

\/ 


(ELEMENT 

(AS#X (icr 

t) ) 

(3)) 

A 

(ELEMENT 

(ASaKier t)) (11)) 

\ / 


(ELEMENT 

(ASaKier 

t> } 

(4)} 

A 

(ELEMENT 

(ASaKier t) ) (12)) 

\/ 


(ELEMENT 

(AS#X(icr 

tn 

(5)) 

A 

(ELEMENT 

(ASaKier t) ) (13)) 

\/ 


(ELEMENT 

(AS#X(icr 

t) } 

(6)) 

A 

(ELEMENT 

(ASaKier t } ) (14)) 

\/ 


(ELEMENT 

(AS#l(icr 

tn 

(7)) 

A 

(ELEMENT 

(ASaKier t ) ) (15))))) A 


(out 3 t * 










( ( (ELEMENT 

(AS#l(icr 

t) ) 

(16) ) 

A 

(ELEMENT 

(ASaKier 

t)) (24)) 

\ / 


(ELEMENT 

( AS#X ( icr 

t> ) 

(17) ) 

A 

(ELEMENT 

(ASal (icr 

t)) (25)) 

\/ 


(ELEMENT 

(Afl#X(icr 

t) ) 

(18)) 

A 

(ELEMENT 

(ASaKier 

t)) (26)) 

W 


(ELEMENT 

(AS#l(icr 

t) ) 

(19) ) 

A 

(ELEMENT 

(ASaKier 

tn (27)) 

\/ 


(ELEMENT 

(ASal(icr 

t) ) 

(20)) 

A 

(ELEMENT 

(ASaKier 

tn ( 28 )) 

\/ 


(ELEMENT 

(ASaKier 

t) ) 

(21)) 

A 

(ELEMENT 

(ASal (icr 

tn (29)) 

\/ 


(ELEMENT 

(ASaKier 

tn 

(22)) 

A 

(ELEMENT 

(ASaKier 

tn oo)) 

\/ 


(ELEMENT 

(ASal(icr 

t) ) 

(23) ) 

A 

(ELEMENT 

(ASaKier 

tn on)), 


( (ELEMENT 

(ASaKier 

t) ) 

(16) ) 

A 

(ELEMENT 

(ASaKier 

tn (24)) 

\/ 


(ELEMENT 

(ASaKier 

t) ) 

(17) ) 

A 

(ELEMENT 

(ASaKier 

tn (25)) 

\/ 


(ELEMENT 

(ASaKier 

t) ) 

(18) ) 

A 

(ELEMENT 

(ASaKier 

tn ( 26 )) 

\/ 


(ELEMENT 

(ASal ( icr 

t> ) 

(19) ) 

A 

(ELEMENT 

(ASaKier 

tn (27)> 

\/ 


(ELEMENT 

(ASal ( icr 

t) ) 

(20) ) 

A 

(ELEMENT 

(ASal ( icr 

tn ( 28 )) 

\/ 


(ELEMENT 

(ASaKier 

tn 

(21) ) 

A 

(ELEMENT 

(ASal ( icr 

tn (29)) 

\/ 


(ELEMENT 

(ASaKier 

t) ) 

(22) ) 

A 

(ELEMENT 

(ASaKier 

tn oo)) 

\/ 


(ELEMENT 

>7/ 

(ASaKier 

tn 

(23) ) 

A 

(ELEMENT 

(ASaKier 

tn (3inn)" 


Ganaration Xogic for Int0_ , Int3_ 

signal# 




% 


X#t Rag__Int_Logic_OATB * n#w_d#f inition 
( 'Rag_Int_Logic_QATE ' , 

*! (intO_an intO_di# int3_an int3_dl* di#abla_int intO_ 
int3_ i tlm#->bool#bool) . 

R#g_Int_Logic_OATB intO_an intO_di# int3_#n int3_di# disabla_int intO_ 
int 3_ * 

! ( t : t im# ) . 
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(intO_ t * 

( (- (ASal (intO_an t) 
( - (BSal (intO_an t> 
(int3_ t * 

( (-(ASal(int3_an t) 
( - (BSal (int3_an t) 


/\ -ASal ( int0_dis t) 
/\ -BSal ( int0_dis t) 

A -ASal ( int3_di* t) 
/\ -BSal (int3_dis t) 


/\ -ASal(disabla_int t))), 

/\ -BSal(disabla_int t ) ) ) ) ) A 

A -ASal (di sab la_int t))), 

/\ -BSal(disabla_int t))))) w 


% 

Virtual logic to packaga savaral R-Port inputs into singla SR input word. 


lat SR_Input s_QATH * naw_daf inition 
( ' SR_Input s_OATE ' , 

"l (cpu_f ail rasat_cpu s_stata id channallD c_ss sr_inp t tima->wordn#wordn) 
(piu_£ail pmm_f ail cb_parity mb_parity : t ima - >bool#bool ) . 

SR_Inputs_OATB cpu_fail ra#at_cpu piu_£ail pmm_fail s_stata 

id channallD cb_parity c_ss mb_parity ar_inp * 

l ( t : t ima ) . 

lat al * (MALTBR ARBN (1,0) ( ASal ( cpu_f ail t ) ) ) in 

lat a3 * (MALTBR al (3,2) ( ASal ( rasa t_cpu t))) in 

lat aS * (ALTER a3 (8) (ASal (piu_f ail t) ) ) in 

lat a6 * (ALTER a5 (9) ( ASal (pmm^f ail t))) in 

lat a7 = (MALTBR a6 (15,12) ( ASal ( s_stata t))) in 

lat a8 « (MALTER a7 (21,16) (ASal (id t))) in 

lat a9 * (MALTBR a8 (23,22) ( ASal ( channallD t))) in 

lat alO * (ALTER a9 (24) (ASal (cb_parity t) ) ) in 

lat all * (MALTBR alO (27,25) (ASal(c_ss t))) in 

lat al2 ■ (ALTER all (28) ( ASal (mb_parity t) ) ) in 

lat bl = (MALTBR ARBN (1,0) (BSal ( cpu_fail t))) in 
lat b3 * (MALTER bl (3,2) (BSal (ra sat _cpu t) ) ) in 
lat b5 * (ALTER b3 (8) (BSal (piu_f ail t ) ) ) in 

lat b6 * (ALTER b5 (9) (BSal (ptunu^ail t) ) ) in 

lat b7 * (MALTBR b6 (15,12) (BSal ( s_stata t))) in 

lat b8 - (MALTBR b7 (21,16) (BSal (id t ) ) ) in 

lat b9 * (MALTER b8 (23,22) (BSal ( channallD t))) in 
lat blO * (ALTER b9 (24) (BSal (cb_parity t))) in 

lat bll * (MALTER blO (27,25) (BSal(c_ss t) ) ) in 

lat bl2 « (ALTER bll (28) (BSal (mb_parity t)>) in 
(ar_inp t ■ (al2, bl2))" 




% 

Virtual logic to distributa singla OCR output word as savaral piacas. 


lat GCR_Outputs_OATB - naw_daf inition 

( 'QCR__Outputs_QATK ' , 

"! (gcr_out lad i t ima - >wor dn#wordn ) 

(raloadOl onashotOl intarruptOl anablaOl raload23 t tima->bool#bool) 
(onashot23 intarrupt23 anabla23 raiat.arror pmm_invalid : tima->bool#bool) . 
OCR_Outputs_OATB gcr_out lad raloadOl onashotOl intarruptOl 

anablaOl raload23 onashot23 intarrupt23 anabla23 
rasat_arror pmm_invalid * 

! ( t : t ima ) . 

( lad t * 

( (SUBARRAY (ASal (gcr_out t ) ) (3,0)), 

(SUBARRAY (BSal (gcr_out t)) (3,0)))) /\ 

(raloadOl t ■ 


( (ELEMENT 

(ASal 

(gcr_ 

_out 

t) ) 

(16) ) , 


(ELEMENT 

(BSal 

(gcr_ 

_out 

t) ) 

(16)))) 

A 

(onashotOl t 

m 






( (ELEMENT 

(ASal 

(gcr_ 

out 

t) ) 

(17)), 


(ELEMENT 

(BSal 

(gcr_ 

_out 

t) ) 

(17)))) 

A 

(intarruptOl 

t - 






( (ELEMENT 

(ASal 

(gcr_ 

_out 

t) ) 

(18)), 


(ELEMENT 

(BSal 

(gcr_ 

_out 

t) ) 

(18)))) 

A 

(anablaOl t - 







( (ELEMENT 

(ASal 

(gcr_ 

_out 

t)) 

(19)), 


(ELEMENT 

(BSal 

(gcr. 

_out 

t)) 

(19)))) 

A 

(raload23 t * 






( (ELEMENT 

(ASal 

(gcr_ 

_out 

t)) 

(20)), 
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(BLBMBNT 

(BSal (gcr_out 

t)) 

(20))) ) 

• /\ 

(onaahot23 t 

= 




( (BLBMBNT 

( ASal (gcr_out 

t)) 

(21)), 


(BLBMBNT 

(BSal (gcr_out 

t)) 

(21)))) 

/\ 

(intarrupt23 

t » 




( (BLBMBNT 

(ASal (gcr_out 

t) ) 

(22)), 


(BLBMBNT 

(BSal (gcr_out 

t)) 

(22)))) 

i /\ 

(anabla23 t * 




( (BLBMBNT 

(ASal (gcr_out 

t ) ) 

(23)), 


(BLBMBNT 

(BSal (gcr_out 

tn 

(23))) ) 

l /\ 

( raaat_arror 

t * 




((BLBMBNT 

(ASal (gcr_out 

t>) 

(24)), 


(BLBMBNT 

(BSal (gcr_out 

t) ) 

(24)))) 

i /\ 

(pnnn_ invalid t « 




( (BLBMBNT 

(ASal (gcr_out 

tn 

(28)), 


(BLBMBNT 

(BSal (gcr_out 

t > > 

(28)))) 

1 * 


% — 

R-Port block. 

% 


let RBlock_OATB * naw_daf inition 
{ 'RBlock_GATB ' , 

"1 (rap t *RBP_ty) {• : tima->r_atata) (• : tima->r_anv) (p *tima->r_out) . 

RBlock_OATK rap cap* 

? (fam_aO fsm_al fain_cnt latch f am_ardy_ ardy_an wr_inK : t ima - >bool#bool ) 

(vr_outQ dp_raad r_wrlta r_raad icr_rd_an ardy_an t tima->bool#bool) 
(cl3or_ld ardy dal outQ s t ima- >bool#bool ) 

(rag_aal icr_out BusA buaA_latch_out BuaB_in ccr_out * tima->wordn#wordn) 
(gcr_out ar_inp 1 1 ima - > wor dntwordn ) 

(r_cir_wr01 r_cir_wr23 cOir_wr cOir_rd cOor_rd clir_wr i tima->bool#bool) 
(clir_rd clor_rd c2ir_wr c2ir_rd c2or_rd c3ir_wr : tima->bool#bool) 
(c3ir_rd c3or_rd icr_wr_£aadback icr_aalact icr_rd : tima->bool#bool ) 
(ccr_wr ccr_rd gcr_wr gcr_rd ar_rd icr_ld c01_cout : tima->bool#bool) 
(c01_coutA c23_cout c23_coutA c01_cout_dal_outQ s tima->bool#bool) 
(c23_cout_dal__outQ onaahotOl lntarruptOl raloadOl i tima->bool#bool) 
(intl_an_inR intl_an_inS lntl_an_inK c01_ld onaahot23 i tima->bool#bool) 
(lntarrupt23 raload23 int2_an_inR lnt2_an_inS : t ima- > bool #bool) 

( int2_an_inB c23_ld intl_an_outQ int2_an_outQ : t ima - >bool#bool ) 
(diaabla_int_ intO_an int3_an t tima->bool#bool ) 

(intO_dia_outQ int3_dia_outQ t tima->bool#bool) 

(anablaOl cO_cout c2_cout anabla23 i tiaa- >bool#bool ) 

(BuaA_cO_outl Bu»A_cO_out2 BuaA_cl_outl BuaA_cl_out2 s tima->buan#buan) 
(Bu»A_c2_outl BuaA_c2_out2 BuaA_c3_outl BuaA_c3_out2 i tima->buan#buan) 

( BuaA_icr_out BuaA_ccr_out BuaA_gcr_out BusA_ar_out : t ima->buan#buan) . 

( FSM__OATB (aig I_rala_B a) (aig I_mrdy_B a) (aig I_laat_B a) (aig RatB a) 

(aig R_f am 1 _ala_S a) (aig R_£ Mta^_mrdy_S a) (aig R_f am_laat_S a) 
(aig R_fan*_ratS a) (aig R_f an*_atataS a) 
fam_aO fam_sl fam_cnt latch £am_*rdy_) /\ 

( TRXBDF_OATE fam^ardy. ardy_an (aig l_ardy_0 p) ) /\ 

( NOT_QATB (aig I_rala_B a) wr_inB) /\ 

(Nr_Lat_OATB (aig I_ad_inB a) wr_inB (aig R_wrS a) wr_outQ) / \ 

( RW_S iga_GJATB wr_outQ fam^aO fsm_al (aig Diaabla_writaaB a) dp_ra&d 
r_writa r_raad icr_rd_an ardy_an) /\ 

( DFFA_QATB fam_cnt latch (aig R_cntlatch_dalS a) cl3or_ld) /\ 

( DFFA_GATB fanuardy_ (aig R_ardy_dal_S a) ardy_dal_outQ_) /\ 

(Rag_Sal_Ctr_OATB (aig I_ad_inE a) wr_inB ardy dal outQ 
(aig R_rag_aalS a) rag_aal) /\ 

{Rag_Fila_Ctl_OATB rag_aal r_writa r_raad icr_rd_an 
r_cir_wx01 r_cir_wr23 

cOir_wr cOir_rd cOor_rd clir_wr clir_rd clor_rd 
c2ir_wr c2ir_rd c2or_rd c3ir_wr c3ir_rd c3or_rd 
icr_wr_f aadback icr_aalact icr_rd 
ccr_wr ccr_rd gcr_wr gcr_rd ar_rd) /\ 

( DFF A_OATB icr_wr_f aadback (aig R_icr_loadS a) icr_ld) /\ 

(DFFA_OATB c01_coutA (aig R_c01_cout_dalS a) c01_cout_dal_outQ) /\ 

(DFFA_OATB c23_coutA (aig R_c23_cout_dalS a) c23_cout_dal_outQ) /\ 
(Ctr_Int_Logic_OATB onaahotOl intarruptOl raloadOl c01_cout 

c01_cout_dal_outQ r_cir_wr01 c01_coutA int l_an_inR 
intl_an_inS intl_an_inB c01_ld) A 
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(Ctr_Int_Logic_OATB onaahot23 interrupt 2 3 raload23 c23_cout 

c23_cout_dal_outQ r_cir_wr23 c23_coutA int2_an_inR 
int2_an_inS int2_an__inB c23_ld) /\ 

( DSRELatB_GATB OND intl_an_inS intl_an_inR intl_an_inE {aig R_intl__«iS a) 

int l_an_outQ ) / \ 

(DSRBLatB_QATB OND int2_an_inS int2_an_inR int2_an_inE (Big R_int2_«nS a) 

int2_an_outQ) /\ 

(NOT_GATB (aig Diaabla_intE a) diaabla_int_) /\ 

(AND3_GATB c01_coutA intl_an_outQ diaabla_int_ (aig IntlO p) ) /\ 

(AND3_GATE c23_coutA int2_an_outQ diaabla_int_ (aig Int20 p) ) /\ 

(And_Traa_OATB icr_out intO_an int3_an) A 

( DFFA_GATB intO_an {aig R_intO_diaS a) intO_dia_outQ) /\ 

(DFFA_GATB int3_an {aig R_int3_diaS a) int3_dia_outQ) /\ 

( Rag_int_Logic_OATS intO_an intO_dia_outQ int3_an int3_dia_outQ 
(aig Diaabla^intE •) (aig Int0_O p) (aig Int3_0 p) ) /\ 

( DLa t NA_OATB BuaA (aig R_buaA_latchS a) buaA_latch_out ) /\ 

( TRIBUFn_OATB buaA_latch_out dp_raad (aig I_ad_outO p) ) /\ 

( BUF_OATE (aig I_ad_inB •) BuaB_in) /\ 

(DP_CTR_GATB BuaB_in cOir_wr c01_ld cOir_rd anablaOl VDD fam_cnt latch 
cOor_rd (aig R_ctrO_inS a) (aig R_ctrO_nwx_aalS a) 

(aig R_ctrO_irdanS a) (aig R_ctrOS a) 

(aig R_ctrO_cryS a) (aig R_ctrO_nawS a) 

(aig R_ctrO_outS a) (aig R_ctrO_ordanS a) 

BuaA_cO_outl BuaA_cO_out2 cO_cout) /\ 

( DP_CTR_QATB BuaB_in clir_wr c01_ld clir_rd VDD cO_cout cl3or_ld 
clor_rd (aig R_ctrl_inS a) (aig R_ctrl_mux_aals a) 

(aig R_ctrl_irdanS a) (aig R_ctrlS a) 

(aig R_ctrl_cryS a) (aig R_ctrl_nawS a) 

(aig R_ctrl_outS a} (aig R_ctrl_ordanS a) 

BuaA_cl_outl BuaA_cl_out2 c01_cout) /\ 

(DP_CTR_GATB Bu»B_in c2 ir_wr c23_ld c2ir_rd anabla23 VDD fam_cnt latch 
c2or_rd (aig R_ctr2_inS a) (aig R_ctr2_jnux_aalS a) 

(aig R_ctr2_irdanS a) (aig R_ctr2S a) 

(aig R_ctr2_cryS a) (aig R_ctr2_nawS a) 

(aig R_ctr2_outS a) (aig R_ctr2_ordanS a) 

BuaA_c2_outl BuaA_c2_out2 c2_cout) /\ 

(DP_CTR_OATB BuaB_in c3ir_wr c23_ld c3ir_rd VDD c2_cout cl3or_ld 
c3or_rd (aig R_ctr3_ins a) (aig R_ctr3_mux_aalS a) 

(aig R_ctr3_irdanS a) (aig R_ctr3S a) 

(aig R_ctr3_cryS a) (aig R__ctr3_nawS a) 

(aig R_ctr3_outS a) (aig R_ctr3_ordanS a) 

BuaA_c3_outl BuaA_c3_out2 c23_cout) /\ 

(DP_ICR_GATB rap BuaA BuaB_in icr_wr_f aadback icr_wr_f aadback icr_aalact 
icr_ld icr_rd (aig R_icr_oldS a) (aig R_icr_maakS a) 

(aig R_icrS a) (aig R_icr_rdanS a) BuaA_icr_out icr_out) /\ 
(DP_CR_OATB BuaB_in ccr_wr ccr_rd (aig R_ccrS a) (aig R_ccr_rdanS a) 
BuaA_ccr_out (aig CcrO p) > A 

(DP_CR_OATK BuaB_in gcr_wr gcr_rd (aig R_gcrS a) (aig R_gcr_rdanS a) 
BuaA_gcr_out gcr_out ) / \ 

( OCR_Output a_OATR gcr_out (aig LadO p) raloadOl onaahotOl intarruptOl 
anablaOl raload23 onaahot23 intarrupt23 anabla23 
(aig Raaat_arrorO p) (aig Pram_invalidO p) ) /\ 

( SR_Inputa_OATB (aig Cpu_failB a) (aig Raaat_cpuB a) (aig Piu_failE a) 

(aig pnan_f ailB a) (aig S_a tataB a) (aig IdB a) 

(aig ChannallDB a) (aig CB_parityE a) (aig C_aaB a) 

(aig MB_parityE a) ar_inp) /\ 

( DP_SR_GATE ar_inp fam_cnt latch ar_rd (aig R_arS a) (aig R_ar_rdanS a) 
BuaA_ar_out) /\ 

(JOIN12n_OATE (31,0) 

BuaA_cO_outl BuaA_cO_out2 BuaA_cl_outl BuaA_cl_out2 

Bu a A_c 2 _ou 1 1 BuaA_c2_out2 BuaA_c3_outl BuaA_c3_out2 

BuaA_icr_out BuaA_ccr_out BueA_gcr„out BuaA_ar_out BuaA) w 

) 7 / 

lat RBlock_BXP « aava_thm 
( ' RBlock_HXP ' r 
(BBTA_RULB 
(RBWRITB_RULE 

[FSK_OATE ; Wr_Lat_QATE ; RW_Siga_OATB / Rag_Sal_Ct r_OATB 7 Rag_Fila_Ct l_OATB ; 
Ct r_Int_Logic_GATE / And_Tr a a_OATB ; Rag_Int_Logic_GATK ; 

( EXPAND_LET_RULE SR_Inputa_GATB) ; OCR_Output a_OATB ; 
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TRIBUF_OATB ; NOT_OATK / DFFA_QATB ; DLat A_OATB ; DSRELatB_OATB ; AND3_OATB ; 
DLat NA_OATK ; TRIBUFn_QATE / BUF.OATE / DP_CTR_OATR / DP_ICR_OATB ; DP__CR_QATB ; 
DP_SR_GATB / ( BXPAND_LBT_RULB J0INl2n_QATB ) ; AS* 1 ; BSal ; OND / VDD ; sig] 
<SPRC_ALL RBloc)c_OATB) ) ) 


closa_thaory ( ) ; ; 


Fila: rclock_daf.ini 

Author: (c) D.A. Fura 1992-93 

Data: 5 March 1993 

This flla contains tha ml tourca for tha clock- laval spaclf icatlon of tha 
R-Port of tha FTBP PIU f an ASIC davalopad by tha Bnbaddad Procasaing 
Laboratory, Boalng High Tachnology Cantar. Tha bulk of this coda was 
translatad from an M-languaga simulation program using a translator writtan 
by P.J. Windlay at tha Univarsity of Idaho. 


•% 


sat aaarch path (saarch path() B [ ' /homa/alvis6/dfura/f tap/piu/hol/lib/ • ? 

' /homa/alvis6/dfura/hol/Library/abs_thaory/ ' ; 

' /homa /alvis 6 /dfura/hol /Library /tools/ ' 

])/; 

systam 'rm rclock_daf . th ' ? ; 
naw_thaory ' rclock_daf ' ; ; 
loadf ' abs_thaory ' j / 

map naw_parant [ 'piuaux_daf * ; 'raux__daf # ; 'array_daf ' ; 'wordn_daf ' ; ' inaq' ] ; ; 

naw_typa_abbrav { ' timaC * , H \ num" ) ; ; 

lat ASal * dafinition 'piuaux_daf' 'ASal';; 
lat BSal * dafinition 'piuaux_daf' 'BSal';; 

lat RKP_ty « abs_typa_inf o (thaoram 'piuaux_daf' 'RBP');; 

% - 

Naxt-stata dafinition for R-Port instruction. 

% 


lat RClockNSP * naw_daf inition 
( 'RClockNSF ' , 

”1 (rap : A REP_ty) (s :r_stata) (a :r_anv) . 

RClockNSF rap s a » 

lat R_fsm_stata * R_fsm_stataS s and 

R_fsm_ala_ ■ R_f sm^ala_S s and 
R_fsn^mrdy_ » R_ f s m_mr dy _ S s and 
R_fsnv_last_ m R_fsm_l«»t_S s and 
R_fsm^rst * R_fsm_rstS s and 

R_ctrO_in * R_ctrO_inS s and 

R_ctrO _mux_sal * R_ctrO _mux_salS s and 
R_ctrO * R_ctrOS s and 
R_ctrO__irdan ■ R_ctrO_irdanS s and 
R_ctrO_naw ■ R_ctrO_nawS s and 
R_ctrO_cry ■ R_ctrO_cryS s and 
R_ctrO_out ■ R_ctrO_outS s and 
R_ctrO_ordan m R_ctrO_ordanS s and 
R_ctrl_in m R_ctrl_inS s and 
R_ctrl _mux_sal • R_ctrl_mux_salS s and 
R_ctrl m R_ctrlS s and 
R_ctrl_irdan * R_ctrl_irdanS s and 
R_ctrl_naw ■ R_ctrl_nawS s and 
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R_ctrl_cry = R_ctrl_cryS • and 
R_ctrl_out ■ R_ctrl_outS a and 
R_ctrl_ordan * R_ctrl_ordanS a and 
R_ctr2_in • R_ctr2_inS a and 
R_ctr2_mux_aal ■ R_ctr2_mux_aalS a and 
R_ctr2 * R_ctr2S a and 
R_ctr2_irdan = R_ctr2_irdanS a and 
R_ctr2_naw ■ R_ctr2_nawS ■ and 
R_ctr2_cry = R_ctr2_cryS « and 
R_ctr2_out ■ R_ctr2_outS • and 
R_ctr2_ordan * R_ctr2_ordanS > and 
R_ctr3_in ■ R_ctr3_inS a and 
R_ctr3_mux_aal * R_ctr3_mux_aalS a and 
R_ctr3 ■ R_ctr3S a and 
R_ctr3_irdan * R_ctr3_irdanS a and 
R_ctr3_naw * R_ctr3_nawS a and 
R_ctr3_cry * R_ctr3_cryS a and 
R_ctr3_out * R_ctr3_outS a and 
R_ctr3_ordan * R_ctr3_ordanS a and 
R_icr_load » R_icr_loadS a and 
R_icr_old = R_icr_oldS a and 
R_icr_maak * R_icr_maakS a and 
R_icr_rdan = R_icr_rdanS a and 
R_icr * R_icrS a and 
R_ccr * R_ccrS a and 
R_ccr_rdan ■ R_ccr_rdanS a and 
R q cr * R_gcrS a and 
R_gcr_rdan « R_gcr_rdanS a and 
R_ar ■ R_arS a and 
R_ar_rdan - R_ar_rdanS a and 
R_intO_dia « R_intO_diaS a and 
R_int3_dia * R_int3_diaS a and 
R_c01_cout_dal ■ R_c01_cout_dalS a and 
R_intl_an ■ R_intl_anS a and 
R_c23_cout_dal « R_c23_cout_dalS a and 
R_int2_an * R_int2_anS a and 
R_wr * R_wrS a and 

R_cnt latched* 1 * R_cntlatch_dalS a and 
R_ardy_dal_ * R_ardy_dal_s a and 
R_rag__aal * R_rag_aalS a and 
R_buaA_latch * R_buaA_latch 3 a in 
lat Rat • RatB a and 

I_ad_in ■ I_ad_inK a and 

I_rala_ - I_rala_B a and 

I_laat_ ■ I_laat_B • and 

I_ba_ * I_ba_B a and 

I_mrdy_ ■ I_mrdy_B • and 

Diaabla.int - Diaabla_intB a and 

Diaabla_writaa - Diaabla_writaaE a and 

Cpu_fail * Cpu_failB a and 

Raaat_cpu * Raaat_cpuE a and 

Piu_fail - Piu„failB a and 

Pmm_£ ail - Pnan_£ailB a and 

S_atata - S_atataB a and 

Id - Ids a and 

ChannalXD - ChannallDK a and 
CB_parity * CB_parityB a and 
HB_parity « MB_parityB a and 
C_aa > C_aaB a in 

lat naw_R_f am^atata * 

((R_ffam_rat) ■> Ri I 

( (R_fam_atata * RI) -> ( ( ~R_£am_ala_) «> RA I RI) I 
( (R_f an*_a tata - RA) *> { ( -R_£an^mrdy_) -> RD I RA) I 
( <-R_fam_laat_) «> RI I RA) ) ) ) in 

lat r_fam_cnt latch * { (R_f am_atata * RI) /\ -R_fam_ala_) in 
lat r_f am_ardy_ - ~ ( (R_f sm_atata * RA) /\ ~R_f em_mrdy_) in 

lat naw_R_wr * ( ( -BSal (I_rala_) ) -> (BLKMBNT (BSal ( I_ad_in) ) (27)) I R_wr) 

in 

lat naw_R_cnt lat ch_da 1 * r_fam^cnt latch in 
lat naw_R_ardy_dal_ - r_fam_ardy_ in 
lat naw_R_rag_aal - 
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( (~BSal(I__rala_) ) -> (SUBARRAY (BSal { I_ad_in) ) (3,0) ) I 

( ( -R_ardy_dal_) ■> (INCN 3 R_rag_aal) 1 R_rag_aal)) in 
lat r_rag_»al ■ ( ( ~R_»rdy_dal_) «> (INCN 3 R_rag_aal) I R_rag_»al) in 
lat r_writaA « {-ASal (Diaabla_writaa ) /\ R_wr /\ (naw_R_f anu*tata = RD) ) in 
lat r_writaB » ( -BSal (Diaabla_writas ) /\ naw_R_wr /\ 

(naw_R_f »m_»tata ■ RD) ) in 
lat r_raadA « ( -R_wr /\ (naw_R_f tat# ■ RA) ) in 
lat r_raadB - (~naw_R_wx /\ (naw_R_f am_atata * RA) ) in 

1st r_cir_wr01A « ( ( r_writaA /\ ( (r_rag_sal * (WORDN 38)) \/ 

(r_rag_aal « {WORDN 3 9))))) Tn 
lat r_cir_wr01B ■ ((r_writaB /\ ( (r_rag_sal « (WORDN 38)) \/ 

(r_rag_aal = (WORDN 3 9))))) in 

lat r_cir_wr23A « ((r_writaA /\ ( (r_rag_aal « (WORDN 3 10)) \/ 

(r_rag_aal - (WORDN 3 11) ) ) ) ) in 
lat r_cir_wr23B - ((r_writaB /\ ( <r_rag_aal ■ (WORDN 3 10)) \/ 

(r_rag_«al * (WORDN 3 11))))) in 

1st naw_R_ccr * ( (r_writaB /\ 

(r_rag_aal « (WORDN 3 3))) *> BSal (I_ad_in) I R_ccr) in 
lat naw_R_ccr_rdan * (r_raadB /\ (r_rag_aal ■ (WORDN 3 3))) in 
lat naw_R_gcr * ((r_writaB /\ 

(r_rag_aal * (WORDN 3 2))) «> BSal { I_ad_in) I R_gcr) in 
1st naw_R_gcr_rdan * (r_raadB /\ (r_rag_aal * (WORDN 3 2))) in 

1st naw_R_c01_cout_dal * R_ct rl_cry in 

lat intl_anR * { ( (ELEMENT naw_R_gcr (17)) A R_c01_cout_dal) \/ 

• (ELEMENT n*w_R_flcr (18))) in 
Imt intl_anS ■ ((ELEMENT naw_R_gcr (18)) /\ 

(R_ctrl_cry /\ (ELEMENT naw_R_gcr (16)) \/ r_cir_wr01B) ) in 

lat nav_R_intl_an * 

( (intl_anR \/ intl_anS) 

■> ( ( intl_anS /\ ~intl_anR) «> T I 
(~intl_anS /\ intl_anR) -> P I 
( -intl_anS / \ ~intl_anR) *> F I ARB) 

I R_intl_an) in 

lat naw_R_c 2 3 _cou t _da 1 - R_ctr3_cry in 

Imt int2_anR » (((ELEMENT naw_R^gcr (21)) /\ R_c23_cout_dal) \/ 

- (ELEMENT naw_R_gcr (22))) in 
lat int2_anS » ((ELEMENT naw_R_gcr (22)) /\ 

(R_ctr3_cry /\ (ELEMENT naw_R__gcr (20)) \/ r_cir_wr23B) ) in 

let naw_A_int2_an * 

( (int2_anR \/ int2_anS) 

m> ( (int2_anS /\ ~int2_anR) *> T I 
(~int2_anS /\ int2_anR) -> P I 
(~int2_anS /\ -int2_anR) »> P I ARB) 

I R_int2_an) in 
lat naw_R_etr0_in m 

{ ( r_writaB /\ (r_rag_aal - (WORDN 3 8))) *> BSal (I_ad_in) I R_ctrO_in) in 
lat na w_R_ c t r 0 _mux_ • • 1 * 

( (R_ctrl_cry /\ (ELEMENT naw_R_gcr (16))) \/ r_cir_wr01B) in 
lat naw_R_ctr0_irdan - (r_raadB /\ (r_rag_aal * (WORDN 3 8))) in 
lot naw_R_ctrO « ( (R_ctrO_mux_aal) ■> R_ctr0_in | R_ctr0_naw) in 
lat naw_R_ctrO_naw * 

(((ELEMENT R_gcr (19))) «> (INCH 31 naw_R_ctrO) | naw_R_ctr0) in 
lat naw_R_c t r 0 _c ry » ((ELEMENT R_gcr (19)) /\ (ONES 31 naw_R_ctrO) ) in 
lat naw_R_ctrO_out * ( (r_f«n_cnt latch) *> R_ctr0_naw | R_ctr0_out ) in 
lat naw_R_ctrO_ordan ■ (r_raadB /\ (r_rag_*al = (WORDN 3 12))) in 
lat naw_R_ctrl__in ■ 

( (r_writaB /\ (r_r*g_aal - (WORDN 3 9))) ■> BSal (I_ad_in) I R_ctrl_in) in 
lat naw_R_ctrl_BUX_aal * 

((R_ctrl_cry /\ (ELEMENT naw_R_gcr (16))) \/ r_cir_wr01B) in 
lat naw_R_c t r l_i rdan « (r_r«adB /\ (r_r*g_*al « (WORDN 3 9))) in 
lat naw_R_ctrl - ( (R_ctrl_mux_*al) *> R_ctrl_in I R_ctrl_naw) in 
lat naw_R_ctrl_naw - { (R_ctr0_cry) «> (INCN 31 naw_R_ctrl) I naw_R_ctrl) in 
let naw_R_c t r l_c ry ■ (R_ctr0_cry /\ (ONES 31 new_R_ctrl) ) in 
lat naw_R_ctrl_out » { (R_cntlatch_dal) ■> R_ctrl_naw | R_ctrl_out) in 
lat naw_R_ctrl_ordan ■ (r_raadB /\ (r_rag_aal ■ (WORDN 3 13))) in 
lat naw_R_ctr2_in * 

<(r_writ«B /\ (r_rag_»al * (WORDN 3 10))) «> BSal (I_ad_in) | R_ctr2_in) in 
lat na w_R_c t r 2 _mux_ ■ a 1 * 

( (R_ctr3_cry /\ (ELEMENT naw.R^gcr (20))) \/ r_cir_wr23B) in 
lat naw_R_ctr2_irdan ■ (r_raadB /\ (r_rag_aal * (WORDN 3 10))) in 
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let new_R_ctr2 = ( (R_ctr2_raux_ael) => R_ctr2_in 1 R_ctr2_new) in 
let new_R_ctr2_new = 

( ( (ELEMENT R_gcr (23)}) => (INCN 31 new_R_ctr2) | new_R_ctr2) in 
let new_R_ctr2_cry * ( ( ELEMENT R_gcr (23)) /\ (ONES 31 new_R_ctr2)) in 
let new_R_ctr2_out = ( latch) => R_ctr2_new | R_ctr2_out) in 
let new_R_ctr2_orden * (r_readB /\ (r_reg_*el * (WORDN 3 14))) in 
let new_R_ctr3_in a 

((r_writeB A (r_reg_eel * (WORDN 3 11))) => BSel (I_ad_in) I R_ctr3_in) in 
let new_R_ctr3_mux_*el * 

((R_ctr3_cry /\ (ELEMENT new_R_gcr (20))) \/ r_cir_wr23B) in 
let new_R_ctr3_irden * (r_readB /\ (r_reg_«el « (WORDN 3 11))) in- 
let new_R_ctr3 * ( (R_ctr3_raux_ael) => R_ctr3_in I R_ctr3_new) in 
let new_R_ctr3_new a ( (R_ctr2_cry) «> (INCN 31 new_R_ctr3) I new_R_ctr3 ) in 
let new_R_ct r 3_cry * (R_ctr2_cry /\ (ONES 31 new_R_ctr3 ) ) in 
let new_R_ctr3_out * ( (R_cntlatch_del) *> R_ctr3_new I R_ctr3_out) in 
let new_R_ctr3_orden * (r_readB /\ (r_reg_ael ■ (WORDN 3 15))) in 
let new_R_icr_load = 

(r_writeB /\ {(r_reg_eel » (WORDN 30)) \/ (r_reg_eel * (WORDN 3 1)))} in 
let new_R_icr_old a ( (new_R_icr_load) *> R_icr | R_icr_old) in 
let new_R_icr_ma*k * ( (new_R_icr_load) *> BSel (I_ad_in) I R_icr_mae)c) in 
let new_R_icr * 

( (R_icr_load) 

=> ( (- (r_reg_«el * (WORDN 3 1))) *> (Andn rep (R_icr_old, R_icr_mae)c) ) 

| {Orn rep (R_icr_old, R_icr_mae)c) ) ) 


| R_icr) in 


let new_R_icr_rden * 

( (new_R_f »m_*tate * RA) /\ 

( (r_reg_eel * (WORDN 30)) \/ (r_reg_»el * (WORDN 3 1)))) in 
let »rl_0 » (MALTBR ARBN (1,0) (BSel (Cpu_f ail) ) ) in 
let »r3_0 a (MALTBR erl_0 (3,2) (BSel (Re»et_cpu) > ) in 
let er8_0 - (ALTER ar3_0 (8) (BSel (Piu_f ail) ) ) in 
let »r9_0 a (ALTER ar8_0 (9) (BSel ail) ) ) in 
let erl5_0 a (MALTER «r9_0 (15,12) (BSel (S_atate) ) ) in 
let er21_0 a (MALTBR arl5_0 (21,16) (BSel(Id))) in 
let er23_0 a (MALTER er21_0 (23,22) (BSel (Channel ID) ) ) in 
let *r24_0 a (ALTER er23_0 (24) (BSel (CB_parity) ) ) in 
let »r27_0 a (MALTBR ar24_0 (27,25) (BSel (C_es) ) ) in 
let ar28_0 a (ALTER ar27_0 (28) (BSel (MB_parity) ) ) in 
let new_R_ar ■ ( (r_f»m,_cnt latch) a> ar28_0 I R_*r) in 
let new_R_er_rden * (r_readB /\ (r_reg_»el a (WORDN 3 4))) in 
let r_int0_en « (((ELEMENT R_icr (0)) A (ELEMENT R_icr (8))) \/ 
((ELEMENT R_icr (1)) /\ (ELEMENT R_icr (9))) \/ 

((ELEMENT R_icr (2)) A (ELEMENT R_icr (10))) \/ 

((ELEMENT R_icr (3)) A (ELEMENT R_icr (11))) \ / 

( (ELEMENT R_icr (4)) /\ (ELEMENT R_icr (12))) \/ 

( (ELEMENT R_icr (5)) A (ELEMENT R_icr (13))) \/ 

( (ELEMENT R_icr (6)) /\ (ELEMENT R_icr (14))) \/ 

( (ELEMENT R_icr (7)) A (ELEMENT R_icr (15))}) in 
let new_R_intO_die * r_intO_en in 

let r_int3_en » (({ELEMENT R_icr (16)) A (ELEMENT R_icr (24))) \/ 
((ELEMENT R^icr (17)) /\ (ELEMENT R_icr (25))) \/ 

( (ELEMENT R_icr (18)) /\ (ELEMENT R_icr (26))) \/ 

((ELEMENT R_icr (19)) A (ELEMENT R_icr (27))) \/ 

((ELEMENT R_icr (20)) /\ (ELEMENT R_icr (28))) \/ 

((ELEMENT R_icr (21)) A (ELEMENT R_icr (29))) \/ 

((ELEMENT R_icr (22)) /\ (ELEMENT R_icr (30))) \/ 

((ELEMENT R_icr (23)) /\ (ELEMENT R_icr (31)))) in 
let new_R_int3__die = r_int3_en in 


let new_R_bu»A_latch ■ 

( (R_ctrO_irden) ■> R_ctr0_in I 
( (R_ctr0_orden) a> R_ctr0_out I 
( (R_ctrl_irden) ■> R_ctrl_in I 
( (R_ctrl_orden) a> R_ctrl_out I 
{ (R_ctr2_irden) *> R_ctr2_in I 
( (R_ctr2_orden) a> R_ctr2_out | 

( (R_ctr3_irden) ■> R_ctr3_in | 

( (R_ctr3_orden) *> R_ctr3_out I 
( (R_icr_rden) »> R_icr I 
{ (R_ccr_rden) a> R_ccr I 
( (R gcr rden) *> R_gcr I 

( (R_*r_rden) -> R_er I ARBN) ))))))))))) in 
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let new_R_f em_ale_ « (BSel ( I_rale_) ) in 
let new_R_£ •nunurdy_ = {BSel (I_mrdy_) ) in 
let new_R_f enul»»t_ * {BSel (I_last_) ) in 
let n*w_IL£iin_r«t ■ (BSel (Ret)) in 

(RState new_R_ctrO new_R_ctrl new_R_ctr2 new_R_ctr3 
new_R_bueA_ latch new_R_f en*_»tate 

new_ R_f ei^_ale_ new_R_f em L _mrdy_ new_R_f em_laet_ new_R_f em_rst 
new_R_intO_dis new_R_int3_dis new_R_c 0 l_cout _de 1 new_R_int l__en 
new_R_c23_cout_del new_R_int2_en new_R_wr ne w_R^cnt 1 a t ch_de 1 
new_R_s rdy_.de 1_ new_R_reg_s e 1 nevr_R_ctrO_in new_R_ctrOJT!nux_eel 
new_R_ctrO_irden new_R_ctrO_cry new_R_ctrO_new new_R_ct rO_out 
ne w_R_c t r 0 _orde n new_R_c t r 1_ in ne w_R_c t r l_mux_e e 1 new_R_ctrl_irden 
new_R_ct r l_cry new_R_c t rl_new new_R_ctrl_out new_R_ctrl_orden 
new_R_ctr2_in new„R_c t r 2 _rmix_e e 1 new_R_ctr2_irden new_R^ctr2_cry 
new_R_ctr2_new new_R_ctr2_out new_R_c t r 2 _orden new_R_ctr3_in 
new_R_c t r 3 _mux_» e 1 new_R_ctr3_irden new_R_ctr3_cry new_R_ctr3_new 
new_R_ctr3_out n e w_R_c t r 3 _o rde n new_R_icr_load new_R_icr_old 
new_R_icr_mask new_R_icr new_R_icr_rden new_R_ccr new_R_ccr_rden 
new R qcr new R g c r_rden new_R_er new_R_er_rden) " 

)n 

let RClockNSF_RRW * save_thxn 
('RClocfcNSF_RRW', 

( PURE_ONCB_RRWRITK_RULB [ASel/BSel] RClocfcNSF) 

);> 


% - 

Output definition for R-Port instruction* 
- - % 


let RClockOF ■ new_def ini t ion 
( 'RClockOF * , 

“ 1 (rep t A RBP__ty) (e :r_etate) (e *r_env) . 

RCloclcOF rep a e ■ 

let R_fsi*_etate * R_f em_etateS e and 
R_f env_ale_ « R_f en*_ale_S e and 
R_f ssa L _mrdy_ = R_ f e nL_mr dy_ S e and 
R_fem_laet_ « R_£si0.ast_S e and 
R_f enure t » R_fenuretS e and 
R_ctrO_in * R_ctrO_inS e and 
R_ctrO_mux_eel * R_ctrO_mux_eelS e and 
R_ctrQ * R_ctrOS e and 
R_ctrO_irden * R_ctrO_irdenS e and 
R_ctrO_new * R_ctrO_newS e and 
R_ctrO_cry * R_ctrO_cryS e and 
R_ctrO_out * R_ctrO_outS e and 
R_ctrO_orden « R_ctrO_ordenS e and 
R_ctrl_in ■ R_ctrl_inS e and 
R_ctrl_niux_eel * R_ctrl_mux_selS s and 
R_ctrl ■ R_ctrlS e and 
R_ctrl_irden ■ R_ctrl_irdenS e and 
R_ctrl_new ■ R_ctrl_newS e and 
R_ctrl_cry » R_ctrl_cryS e and 
R_ctrl_out m R_ctrl_out S s and 
R_ctrl_orden * R_ctrl_ordenS a and 
R_ctr2_in ■ R_ctr2_inS e and 
R_ctr2_mux_sel - R_ctr2_mux_sels e and 
R_ctr2 « R_ctr2S e and 
R_ctr2_irden * R_ctr2_irdenS e and 
R_ctr2_new - R_ctr2_newS e and 
R_ctr2_cry ■ R_ctr2_cryS e and 
R_ctr2_out ■ R_ctr2_outS e and 
R_ctr2_orden * R_ctr2_ordenS e and 
R_ctr3_in ■ R_ctr3_inS e and 
R_ctr3_nnix_eel » R_ctr3_mux_eelS s and 
R_ctr3 « R_ctr3S e and 
R_ctr3_irden - R_ctr3_irdenS e and 
R_ctr3_new * R_ctr3_newS e and 
R_ctr3_cry » R_ctr3_cryS e and 
R_ctr3_out * R_ctr3_outS e and 
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R_ctr3_orden * R_ctr3_ordanS ■ and 

R_icr_load = R_icr_ loads ■ and 

R_icr__old * R_icr_oldS a and 

R_icr_maa)c - R_icr_maakS a and 

R_icr_rdan * R_icr_rdenS a and 

R_icr » R_icrS a and 

Rccr « R_ccrS a and 

R_ccr_rden = R_ccr_rdenS a and 

R_gcr * R_gcrS a and 

R_gcr_rden * R gcr rdanS a and 

R_ar * R_arS a and 

R_er_rden * R_sr_rdenS a and 

R_intO_dia - R_intO_diaS a and 

R_int3_dia = R_int3_diaS a and 

R_c01_cout_del - R_c01_cout_delS • and 

R_intl_en - R_intl_enS a and 

R_c23_cout_del - R_c23_cout_dalS a and 

R_int2_an ■ R_int2_enS a and 

R_wr » R_vrS a and 

R_cntlatch_del * R_cntlatch_delS a and 
R_ardy_del_ * R_ardy_del_S a and 
R_reg_ael « R_reg_eelS a and 
R_buaA_latch * R_bu»A_latchS a in 
let Rat ■ RatB • and 

I_ad_in - I_ad_inJ2 a and 

I_rale_ * I_rale_B a and 

I_laat_ m I_laat_B • and 

I_be_ ■ I_be_B a and 

I_mrdy_ * l_mrdy_B a and 

Diaabl«_int * Dieable_intB • and 

Diaable_writea * Dieable_writeaB • and 

Cpu_fail * Cpu_failB • and 

Raaet_cpu ■ Reeet_cpuB • and 

Piu_fail * Piu_failB • and 

Pmm_f ail » Pinm_f ailB a and 

S_atata - S_atataB a and 

Id ■ IdB a and 

ChannallD « Channel IDE a and 
CB_parity » CB_parityB a and 
MB_parity « MB_parityE a and 
C_e* « C_a*B a in 


lat naw_R_£anu*tata * 

( (R__f ain_r»t) ■> RI I 

( (R_f an^atata » RI) *> { ( ~R_f »m_ala_) «> RA | RI) I 
( (R_f»m_»tata ■ RA) => ( ( ~R_f ■m_mrdy_) *> RD ( RA) I 
( (~R_f»m^laat_) •> RI I RA) ) ) ) in 

l»t r_£am_cnt latch - ( (R_f »nu»tata « RI) /\ ~R_f en*_ala_) in 
lat r_f anu*rdy_ « - ( {R_f am_»tata * RA) /\ -R_f am_mrdy_) in 

lat naw_R_wr - ( ( -BSal (I_rale_) ) «> (ELEMENT {BSal (I_ad_in) ) (27)) I R_wr) 

in 

lat naw_R_cnt lat ch_da 1 * r_fam_cnt latch in 
lat n«w_R_ardy_dal_ « r_fanu*rdy_ in 
lat new_R_reg__sel * 

{ (-BSel(I_rala_) ) *> (SUBARRAY (BSal (I_ad_in) ) (3,0)) I 

( (-R_erdy_dal_) ■> (INCN 3 R_rag_aal) t R_rag_aal) ) in 
lat r_rag_«al - ( ( -R„ardy_del_) => (INCN 3 R_rag_«al) | R_reg_ael) in 
lat r_writaA * ( -ASal (Diaabla.writaa) /\ R_wr /\ (naw_R_f = RD) ) in 
lat r_writaB - ( -BSal (Diaable_writes) /\ new_R_wr /\ 

(new_R_f sm_etate * RD)) in 
lat r_raadA = (-R_wr /\ (new_R_f an^atata * RA) ) in 
lat r_raadB * (-naw_R_wr /\ (naw_R_f am_atata * RA) ) in 


lat 

r_cir_wr01A 

= ( (r_writaA 

/\ 

lat 

r_cir_wr01B 

* ( (r_vriteB 

/\ 

lat 

r_cir_wr23A 

* ( (r_wxiteA 

/\ 

lat 

r_cir_wr23B 

- ( (r.writaB 

/\ 

let 

new_R_ccr = 

( ( r_writeB /\ 


( (r_rag_»al = (WORDN 3 8)) \/ 

(r_rag_»al « {WORDN 3 9))))) in 
( (r_rag_aal * (WORDN 3 8)) \/ 

(r_rag_»al * (WORDN 3 9))))) in 
( (r_rag_ael * (WORDN 3 10)) \/ 

(r_rag_aal * (WORDN 3 11))))) in 
( (r_rag_*al * (WORDN 3 10) ) \/ 

(r_rag_aal a (WORDN 3 11))))) in 
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(r_rag_aal ■ (WORDN 3 3))) *> BSal (I_ad_in) 1 R_ccr) in 
lat naw_R_ccr_rdan = (r_raadB A (r_rag_ael = (WORDN 3 3))) in 
lat mw R gcr « ( (r_writaB /\ 

(r_rag_aal * (WORDN 3 2))} *> BSal (I_ad_in) | R__gcr) in 
lat n>w R acr rdan ■ (r_raadB /\ (r_rag_aal * (WORDN 3 2))) in 

iat naw_R_c01_cout_dal = R_ctrl_cry in 

lat intl_anR * ( ( (RLKMBNT nav R gcr (17)) A R_c01_cout_dal) \/ 

- (ELEMENT naw_R_gcr (18))) in 
lat intl_anS . ( (ELEMENT naw_R_gcr (18)) /\ 

(R_ctrl_cry /\ (ELEMENT naw_R_gcr (16)) \/ r_cir_wr01B) ) in 

lat naw_R_intl_an = 

({intl_anR \/ intl_anfl) 

a> {(intl_anS A ~intl_anR) «> T | 

( -int l_anS /\ intl_anR) *> P I 
( -int l_enS /\ -intl_anR) *> P i ARB) 

| R_intl_an) in 

lat naw_R_c23_cout_dal « R_ctr3_cry in 

lat int2_anR * (((ELEMENT naw_R_gcr (21)) /\ R_c23_cout_dal) \/ 

-(ELEMENT naw_R_gcr (22))) in 
lat int2_anS * ((ELEMENT naw_R_gcr (22)) /\ 

(R_ctr3_cry /\ (ELEMENT naw_R_gcr (20)} \/ r_cir__wr23B) ) in 

lat naw_R_int2_an « 

{(int2_anR \/ int2_anS) 

*> ((int2_anS /\ -int2_anR) =*> T | 

( -int2_anS /\ int2_anR) => P | 

( -int2_anS /\ -int2_anR) a> P I ARB) 

I R_int2_an) in 
lat naw_R_ctrO_in « 

( (r_writaB A (r_rag_aal « (WORDN 3 8))) ■> BSal (l_ad_in) | R_ctrO_in) in 
lat naw_R_ctrO_mux — aal = 

( (R_ctrl_cry /\ (ELEMENT naw_R_gcr (16))) \/ r_cir_wr01B) in 
lat naw_R_ctrO_irdan * (r_raadB /\ (r_rag_aal a (WORDN 3 8))) in 
lat naw_R_ctrO = ( (R_ctrO_mux_aal) «> R_ctrO_in I R_ctrO_naw) in 
lat naw_R^ctrO_naw - 

(((ELEMENT R_gcr (19)}) -> (INCN 31 naw_R_ctrO) | naw_R_ctrO) in 
lat naw_R_ctrO_cry a ((ELEMENT R_gcr (19)) A (ONES 31 naw_R_ctrO) ) in 
lat naw_R_ctrO_out « ( (r_£ anient latch) •> R_ctrO_naw I R_ctrO_out) in 
lat naw_R_ctrO_ordan * (r_raadB /\ (r_rag_»al = (WORDN 3 12))) in 
lat naw_R_ctrl_in a 

( (r_writaB /\ <r_rag_aal « (WORDN 3 9))) «> BSal (I_ad_in) | R_ctrl_in) in 
lat na w_R_ Ctrl _raux_ sal - 

( (R_ctrl_cry /\ (ELEMENT naw R g cr (16))) \/ r_cir_wr01B) in 
lat naw_R_ctrl_irdan * (r_raadB A (r_rag_sal a (WORDN 3 9))) in 
lat naw_R_ctrl * ( (R_ctrl_nsux_»al) *> R_ctrl_in I R_ctrl_naw) in 
lat naw_R_ctrl_naw * ( (R_ctrO_cry) «> (INCN 31 naw__R_ctrl) | naw__R_ctrl) in 
lat naw_R_ctrl_cry * (R_ctrO_cry /\ (ONES 31 naw_R_ctrl) ) in 
lat naw_R_ctrl_out a ( (R_cntlatch_dal) a> R_ctrl__naw | R_ctrl_out) in 
lat naw_R_ctrl_ordan * (r_raadB A (r_rag_»al * (WORDN 3 13))) in 
lat naw_R_ctr2_in a 

( (r_writaB /\ (r_rag_aal a (WORDN 3 10))) a> BSal (I_ad_in) I R_ctr2_in) in 
lat naw_R_ctr2 _mux_aal * 

( (R_ctr3_cry /\ (ELEMENT naw_R_gcr (20))) \/ r_cir_wx23B) in 
lat naw_R_ctr2_irdan ■ (r_raadB /\ (r_rag_»al * (WORDN 3 10))) in 
lat naw_R_ctr2 ■ ( (R_ctr2_mux_»al) *> R_ctr2_in I R_ctr2_naw) in 
lat naw_R_c t r 2 _n.aw ■ 

(((ELEMENT R_gcr (23))) «> (INCN 31 naw_R_ctr2 ) | naw_R^ctr2) in 

lat naw__R__ctr2_cry * ((ELEMENT R gcr (23)) A (ONES 31 naw_R_ctr2) ) in 
lat naw_R_ctr2_out * ( (r_f an^cntlatch) *> R_ctr2_naw | R^ctr2_out) in 
lat naw_R_ctr2_ordan * (r_raadB /\ (r_rag_sal a (WORDN 3 14))) in 
lat naw_R_ctr3_in a 

( (r_writaB /\ (r_rag_aal ■ (WORDN 3 11))) a> BSal ( I_ad_in) | R_ctr3_in) in 
lat naw_R_ctr3_mux_aal a 

( <R_ctr3_cry /\ (ELEMENT naw_R_gcr (20))) \/ r_cir_wr23B) in 
lat naw_R_ctr3_irdan * (r_raadB /\ (r_rag_»al * (WORDN 3 11))) in 
lat naw_R_ctr3 * ( (R_ctr3_mux_aal) *> R_ctr3_in | R_ctr3_naw) in 
lat naw_R_ctr3_naw ■ ( (R_ctr2_cry) «> (INCN 31 naw_R_ctr3) | naw_R_ctr3) in 
lat naw_R_ctr3_cry « (R_ctr2_cry /\ (ONES 31 naw_R_ctr3) ) in 
lat naw_R_ctr3_out a ( (R_cntlatch_dal) *> R_ctr3_naw I R^ctr3_out) in 
lat naw_R_ctr3_ordan a (r_raadB /\ (r_rag_»al a (WORDN 3 15))) in 
lat naw_R_icr_load a 

(r_writaB /\ ( (r_rag_«al a (WORDN 30)) \/ (r_rag_aal a (WORDN 3 1)))) in 
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lat naw_R_icr_old * ( (naw_R_icr_load) *> R_icr I R_icr_old) in 

l*t naw_R_icr_maak * ( (naw_R_icr_load) *> BSal ( I_ad_in) I R_icr_maa)c) in 

1st naw_R_icr * 

( (R_icr_load) 

=> ( (~(r„raff_aal = (WORDN 3 1))) => (Andn rap (R_icr_old, R_icr_mas)c) ) 

| (Orn rap (R_icr_old, R_icr_maak) ) ) 


| R_icr) in 
lat naw_R_icr_rdan ■ 

( (naw_R_f am_atata = RA) /\ 

( ( r_rag_aal * (WORDN 30)} \/ (r_rag_aal * (WORDN 3 1)))) in 
lat arl_0 * (MALTKR ARBN (1,0) (BSal (Cpu_f ail) ) ) in 
lat ar3_0 * (MALTKR »rl_0 (3,2) {BSal (Raaat_cpu) ) ) in 
lat ar8_0 « (ALTBR ar3_0 (8) (BSal (Piu_f ail) ) ) in 
lat ar9_0 = (ALTBR ar8_0 (9) (BSal (Pnmuf ail) ) ) in 
lat arl5_0 = (MALTKR ar9_0 (15,12) (BSal (S_stata ) ) ) in 
lat ar2 1_0 * (MALTKR arl5_0 (21,16) (BSal(Id))) in 
lat ar23_0 = (MALTKR sr21_0 (23,22) (BSal (ChannallD) ) ) in 
lat ar24_0 = (ALTBR ar23_0 (24) (BSal (CB_parity) ) ) in 
lat ar27_0 = (MALTKR ar24_0 (27,25) (BSal (C_aa ) ) ) in 
lat ar28_0 * (ALTBR ar27_0 (28) (BSal (MB_parity) ) ) in 
lat naw_R_ar = ( (r_f am_cntlatch) => ar28_0 I R_ar) in 
lat naw_R_ar_rdan * (r_raadB A (r_rag_sal * (WORDN 3 4))) in 
lat r_int0_an * ( ( (ELKMKNT R_icr (0)) A (BLKMBNT R_icr (8))) \/ 

((ELEMENT R_icr (1)) A (BLKMKNT R_icr (9))) \/ 

( (BLKMBNT R_icr (2)) A (ELEMENT R.icr (10))) \/ 

( (ELEMENT R_icr (3)) /\ (BLKMBNT R_icr (11))) \/ 

( (ELEMENT R__icr (4)) /\ (ELEMENT R_icr (12))) \/ 

( (ELEMENT R_icr (5)) /\ (ELEMENT R_icr (13))) \/ 

((ELEMENT R_icr (6)) A (ELEMENT R_icr (14))) \/ 

((ELEMENT R_icr (7)) /\ (ELEMENT R_icr (15)))) in 
lat naw_R_int0_dia * r_int0_an in 

l«t r_int3_an * (((ELEMENT R_icr (16)) /\ (ELEMENT R_icr (24))) \/ 

( (ELEMENT R_icr (17)) A (ELEMENT R_icr (25))) \/ 

( (ELEMENT R_icr (18)) /\ (ELEMENT R_icr (26))) \/ 

((ELEMENT R_icr (19)) /\ (ELEMENT R_icr (27))) \/ 

( (ELEMENT R_icr (20)) /\ (ELEMENT R__icr (28)}) \/ 

( (ELEMENT R_icr (21)) /\ (BLKMBNT R_icr (29))) \/ 

( (ELEMENT R_icr (22)) A (ELEMENT R_icr (30))) \/ 

( (ELEMENT R_icr (23)) A (ELEMENT R_icr (31)))) in 
lat naw_R_int 3 _di a * r_int3_an in 


lat naw_R_buaA_latch * 

( ( R_c t r0_irdan ) ■> R_ctr0_in I 
( (R_ctr0_ordan) *> R_ctrO_out I 
( (R_ctrl_irdan) *> R_ctrl_in I 
( (R_ctrl_ordan) «> R_ctrl_out | 

( (R_ctr2_irdan) «> R_ctr2_in I 
( (R_ctr2_ordan) ■> R_ctr2_out | 

( (R_ctr3_irdan) ■> R_ctr3_in l 
( (R_ctr3_ordan) «> R_ctr3_out I 
{ (R_icr_rdan) ■> R_icr I 
( (R_ccr_rdan) ■> R_ccr I 
( (R_gcr_rdan) *> R_gcr I 

( (R_ar_rdan) «> R_ar I ARBN) ))))))))))) in 
lat naw_R_f em^ala^ * (BSal (I_rala_) ) in 
lat naw_R_f am_nxrdy_ * (BSal ( I_mrdy_) ) in 
lat naw_R_f am^laat_ ■ (BSal ( I_laat_) ) in 
lat naw_R_f am^rat = (BSal(Rat)) in 


lat I_ad_out • 

( ( ( -R_wr /\ ( (naw_R_f aiiL.»tata - RA) \/ (naw_R_f a»_*tata ■ RD) ) ) 

■ > (BUSN naw_R_bu a A_ 1 a t c h ) I Offn) , 

{ ( -naw_R_wr A ( (naw_R_fanL.atata - RA) \/ (naw_R_f an*_atata * RD) ) ) 
*> (BUSN naw_R_buaA_latch) I Offn) ) in 
lat I_ardy_ * 

( ( ( (naw_R_f sm_Btata - RA) \/ <naw_R_f am_stata « RD) ) 

=> (WIRE - ( ( R_f am_* t at a = RA) /\ ~R_f am_mrdy_) ) I Z) , 

( ( (naw_R_f »m_«tata * RA) \ / (naw_R_f ara^atata * RD) ) 

«> (WIRE - ( (R_fam_»tata * RA) A -R_f axn_mrdy_) ) | Z) ) in 

lat Int0_ * 

( ( - (r_int0_an A -R_int0_dia /\ -ASal (Diaabla_int ) ) ) , 

(~(r_int0_an A -R_int0_di» /\ -BSal (Diaabla_int ) ) ) ) in 
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lat Inti * 

( (R_ctrl_cry /\ R_intl_an /\ -ASal (Dieabla_int ) ) , 

(R_ctrl_cry /\ naw_R_intl_an /\ -BSal (Diaabla_int ) ) ) in 
lat Int2 * 

( (R_ctr3_cry /\ R_int2_an A -ASal (Diaabla_int ) ) , 

(R_ctr3_cry /\ naw_R_int 2 _an /\ -BSal (Diaabla_int ) ) ) in 
lat Int3_ = 

( (~(r_int3_an /\ -R_int3__dia /\ -ASal (Diaabla_int ) ) ) , 

(- (r_int3_an /\ -R_int3_dia /\ -BSal (Diaa±>la_int ) ) ) ) in 
lat Ccr ■ (R_ccr, naw_R_ccr) in 

lat Lad * ((SUBARRAY R_gcr (3,0)), (SUBARRAY na*r_R_gcr (3,0))) 'in 
lat Raaat_arror * ( (ELEMENT R_gcr (24)), (BLBMBNT naw_R_gcr (24))) in 
lat Pnm_invalid * ( (ELEMENT R_gcr (28) ) , (ELEMENT naw_R_gcr (28))) in 

(ROut I_ad_out I_ardy_ Int0_ Inti Int2 Int3_ Ccr Lad Raaat_arror 
Pmm_ invalid) " 

);; 

lat RClockOF_RBW * aava_thm 
( 'RClockOF_RBW' , 

( PURB_ONCB_REWRITB_RULB [ASal/BSal] RClockOF) 

) ;; 

lat RC_Bxac « naw_daf inition 

( ' RC_Bxac ' , 

*\ (rci tRCI) (0 t timaC->r_atata) (a : tiwaC->r_anv) (p : timaC->r_out) 
(t stimaC) . 

RC_Bxac rci a a p t * T* 

);/ 

lat RC_PraC ■ naw_daf inition 
( 'RC_PraC' , 

*1 (rci : RCI) (a t timaC->r_atata) (a : timaC->r_anv) (p r timaC->r_out) 
(t ttimaC) . 

RC_PraC rci a a p t * T" 

);; 

lat RC_PoatC ■ naw_daf inition 
( 'RC_PoatC 1 , 

*! (rci tRCI) (a t timaC->r_atata) (a t timaC->r_anv) (p :timaC->r_out) 
(t ttimaC} . 

RC_Po*tC rci a a p t * 

(a (t+1) - RClockNSF (a t) (a t)) /\ 

(p t - RClockOF (a t) (a t))" 

) ; ; 

lat RC_Corract * naw_daf inition 
( 'RC_Corraet ' , 

"l (rci tRCI) (a ttimaC- >r_atata) (a t timaC->r_anv) (p t timaC->r_out ) 
(t ttimaC) . 

RC_Corract rci a apt * 

RC_Bxac rci a apt A 

RC_PraC rci a apt 

**> 

RC_PoatC rci a a p t" 

);; 

lat RCSat_Corract * naw_daf inition 
( ' RCSat_Corract ' , 

* ! (a : timaC->r_atata ) (a ttimaC->r_anv) (p : t imaC - >r_out ) . 
RCSat_Corract a a p * ! (rci tRCI) (t ttimaC) . RC_Corract rci a a p t w 
);; 


cloaa_thaory ( ) ; / 


3.5 C-Port Definitions 
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This section contains the theories caux_def, cblockjdef, and cclockjief, defining the C-Port design. 


% 


File: caux_def.ini 

Author: (c) D.A. Fura 1992-93 

Data: 3 March 1993 

This file contains auxiliary definitions for ths C-Port of the FTBP PXU, an 
ASIC davalopad by tha Embedded Processing Laboratory, Boeing High Technology 
Canter. 


% 


set_flag ('timing', true)/; 

sat_search_path (search_path{ ) B [ ' /home/elvis6/dfura/f tap/piu/hol/lib/ ' j 

* /homa/alvis6/dfura/hol/Library/tools/ ' 
]);; 


system ' rm caux_def . th ' / ; 
new_theory 'caux_def ' / ; 

map new_parent [ ' array_daf ' j * wordn_def ' ; 'busn_def ' ; - inaq ' ] ; ; 

new_type_abbrev { ' t ima ' , " : num" ) / ; 
new_type_abbrav ( ' wordn ' , " : ( num- >bool ) " ) / ; 
naw_typa_abbr av ( ' busn ' , " : ( num- >wire ) " ) ; / 

let MS TART - -'WORDN 2 4 ";/ 
let MEND « "WORDN 2 5";; 
let MRDY » "WORDN 2 6";/ 
let MWAIT « "WORDN 2 7";; 
let MABORT * "WORDN 2 0";; 

let SACK * "WORDN 2 5"// 
let SRDY « "WORDN 2 6";/ 
let SWAIT ■ "WORDN 2 7";; 
let SABORT * "WORDN 2 0";? 

% 

Abstract data types for tha C-Port Master, Slava, and SRdyBn FSMs. 


% 


let craf sm_ty_Axiom » 

daf ine_type ' cmf sm_ty_Axiom ' 

'cmfsnuty * CMI | CMR I CMA3 I CMAl I CMAO I CMA2 I CMDl I CMDO I 
CMW 1 CMABT'/j 

let csf sm_ty_Axiom * 

define_type ' csf sm_ty_Axiom ' 

' csf sm_ty « CSI I CSL I CSAl I CSAO I CSAOW | CSALS I CSRR I 
CSD1 I CSDO | CSACK I CSABT'/J 

let cef sm_ty_Axiom • 

define_type ' caf sm_ty_Axiom' 

-cafsm_ty * CRI I CBB * ; ; 


% 

Abstract data type for tha C-Port instruction. 

% 

let CCI = 

define_type 'CCI' 

-CCI « CC_X ' / ; 
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% 

Abstract data typa for tha stats. 


% 


1st cc__stata * 

da£ina_typa 'cc_stata' 

'cc_stata = CCStata cmf sm_ty bool bool bool bool bool bool bool bool 
bool bool wordn bool csf sm^ty bool bool bool 
bool bool bool wordn caf am_ty bool bool bool 
bool bool bool bool bool wordn bool bool bool 
bool bool bool bool bool bool bool 'bool bool 
wordn wordn wordn wordn wordn wordn wordn 
bool ' ; ; 

lat C_mf am_stataS * naw_racursiva_daf inition 
falsa 
cc_stata 
'C_mf siiL_»tataS ' 

"C.jnf sm_stataS (CCStata C_mfsm_stata C_mf sm_srdy_an C_mfsm_D C_mf sn*_grant 

C_mfsm_rst C_mf sm^busy C_mf sm^writa C_mfsm_crqt_ 

C_mf sm_hold__ C_mfsm_last_ C_mf snv_lock_ C_m£sm_sa 
C_mf sm_ invalid C_*fsm_stata C_sfsm_D C_sf sm_grant 
C_afam_rst C_»f snv_writa C_sf sm_addrassad C_sf sm u _hlda_ 
C_af sm_ms C_a fsm_a tat a C_afsnucala_ C_af sn*_laat_ 

C_af snL_mala_ C_a£ sm^rala^ C_af snL_ardy_ C_afsm_rst 
C_lock_in_ C_last_in_ C_ss C_clkA C_last_out_ 
C_sidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_s_dal C_wrdy C_rrdy 
C_parity C_iourca C_data_in C_sizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

a C_mf sm_stata w ; t 

1st C_jnf sm_»rdy_anfl * naw_racur*iva_daf inition 

falsa 

cc_stata 

' C_mf »m_a rdy_arxS ' 

"C_mf snu*rdy_anS (CCStata C_mf sm„stata C_mfsnL.*rdy_an C_mfsmJD C_mf sm_grant 

C_mfsm_rst C_mf snubusy C_mf *m_writa C_mfsm_crqt_ 

C_mf sm_hold_ C_mf sm_laat_ C_mf snL_locb_ C_mf *m_»* 

Cjnfsnu invalid C_sf am_stata C_sfsiiL_D C_sf sm_grant 
C_sfsm_rst C_af sm_writ a C_»fsm_addr as sad C_s£sm^hlda_ 
C_»fsm u _ms C_af snv_stata C_af ■m 1 _cala_ C_af sn*_la*t_ 

C_af Smyrna la_ C_afsxn_rala_ C_af sm_»rdy_ C_a£sm_rat 
C_lock_in_ C_la#t_in_ C_ss C_clkA C_last_out_ 
C_»idla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_s_dal C_wrdy C_rrdy 
C_parity C_sourca C_data_in C_sizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr ) 

■ C_mf am^»rdy_an" / ; 

1st C_pif sm^DS * naw_racursiva_daf inition 
falsa 
cc_stata 
' C_mf »m_DS • 

"C^mf am_DS (CCStata C_mf sn*_»tata C_mf anv_ardy_an C_mfsxn_D C_zof am grant 

C_mf am_rst C_mf a m_bu ay C_mfsm_writa C_mf s m^c r qt _ 

C_mf sm w hold_ C_mf snv_last_ C_mf sn*_lock_ C_jttfsm_*» 

C_mfsm_ invalid C_sf sn*_stata c_sfsm_D C_sf sm_grant 
C_sfsnv_rst C_if sm_writa C_sf sm_addrasssd C_sfsm_blda_ 
C_sfsnL_ms C_a£sm^stata C_af si*_caln_ C_af sm_laat_ 

C_af sm_mala_ C_afsm_rala_ c_af sn*_srdy_ C_afain_rat 
C_lock_in_ C_last_in_ C_ss C_clkA C_last_out_ 
C_sidla_dal C_mrgt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_s_dal C_wrdy C_rrdy 
Cjparity C_sourca C_data_in C_sixawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

■ C_m£sm^D i '; ; 

lat C_m£ a migrants ■ naw_racursiva_daf inition 
falsa 
cc_stata 
' C_mf am grants ' 
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"C_mf sm_grantS ( CCStat • C_mf sm_stata C_mf ■m_srdy„an C_mfsm_D C_mf ■m_gr ant 

C_mf C_mfsnv_busy c_mfsm_writa C_mf sm_crqt_ 

C_mf ■m_ho ld_ C_mfsm_last_ C_mf sm_lock_ C_mf »xn_s ■ 
C_mfarn_ invalid C_sf am_stata C_sfsi^_D C_sf sm_grant 
C_sfsm_rst C_sf sm^writa C_*f sm_addr as sad C_sfsm_hlda_ 
C_»f »m_m» C_af sm_stata C_afam^cala_ C_afsm_last_ 

C_af sm_mala_ C_a£ sm^rala_ C_afsnu*rdy_ C_afsm_rst 
C_lock_in_ C_last_in_ C_ss c_elkA C_last_out_ 
C_*idla_dal C_mr<it_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_s_dal C_wrdy C_rrdy 
C_parity C_sourca C_data_in C_sizawrba C ~iad_out 
C_alaO C_a3a2 C_lad_in C_wr) 

» C_mf •migrant " ; / 

lat C_mfsm_rstS ■ naw_racursiva_daf inition 
falsa 
cc_stata 
' C_mf am_ratS ' 

"C_mf am_ratS (CCStata C_mf *m_»tata C_mf sm_ardy_an C_mf am_D C_mf sm_grant 
C_m£am_rat C_mf sm_busy C_mf »m_writa C_mf sm_crqt_ 
C_mfsm_hold_ C_mf *m_la«t_ C_mf sm_lock_ C_mf sm_ss 
C_mf*m_ Invalid C_«fsm_stata C_sfsm_D C_s£sm_grant 
C.sfsnurst C_*f*m_writa C_sf sm^addrassad C_sfam_hlda_ 
C_afsm__ma C_af sm_stata C_a£sm^cala__ C_af sin_last_ 

C_af sm_mala_ C_afsm_rala_ C_af sm_srdy_ C_a£am L _rat 
C_lock_in_ C_laat_in_ C_ss C_clkA C_laat_out_ 

C_« idla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_s_dal C_wrdy C_rrdy 
C_parity C_aourca C_data_in c_sizawrba C_lad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

= C_mf sm„rst ; 

lat C_mf sm^busyS = naw_racursiva_daf inition 
falsa 
cc_stata 
' c_jnf sm_busys ' 

"C_mf sm_bu»yS (CCStata C_mf *m_»tata C_mf »m_srdy_an C_mf sm_D C_mf sm_grant 
C_mf »n>^r»t C_mf sm_busy C_mf »n^_wr ita C_m£ sm_crqt_ 

C_mf sm_hold_ c_mf sm_last_ C_mf snulocK_ C_mf sno^ss 
C_mfam_ invalid C_sf sm_stata C_sfsm_D C_sf sm^grant 
C_s£sm u _rst C_sf snuwrita C_sf sm_addrassad C_sfsm_hlda_ 
C_s£snu»» C_afsnL.«tata C_af sm^cala_ C_af *m_last_ 
c_af snv_mala_ C_af sn^rala_ C_a£sm_srdy_ C_afsnurst 
C_lock_in_ C_last_in_ C_ss C_clkA C_last_out_ 
C_»idla_dal C_mrcit_dal C_hold_ C_cout_0_la_da 1 
C_cin_2_la C _mrdy_dal_ C_iad_an_i_dal C_wrdy C_rrdy 
C_parity C_sourca C_data_in C_sizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C__wr ) 

* C_mf snubusy"; ; 

lat C_mf anL_writaS * naw_ra cur siva_daf inition 
falsa 
cc_stata 
* C_mf sm_writ as ' 

"C_mf am_wr it aS (CCStata C_mf sm_atata C_mf sm_s rdy_an C_mf »m_D C_mf sm_grant 
C_mfsm_rst c_mf sm^busy c_mfsm_writa C_mf sm_crqt_ 

C_mf sm_ho 1 d_ C_mf sm_last_ C_mf sm_lock_ C_mf sm_sa 
C_mf snv_invalid C_sf sm_stata C_afsnL_D C_s f sn^grant 
C_sfsia_rst C_sf sm_wxita c_sfsa^addrassad C_sfsm_hlda_ 
C_sf«Bft_ms C_af sm_stata C_af sm^cala^ C_af sm,_last_ 

C_af sm_mala_ C_af sm_rala_ C_af sa^_srdy_ C_afsin_rst 
C_lock_in_ C_last_in_ C_ss C_clkA C_last_out_ 
C_sidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_s_dal C_wrdy C_rrdy 
C_parity C_sourca c_data_in C_sizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr ) 

* C_mf sm_writa" ; ; 

lat C_mf sm_crqt_S * naw_r a cur siva_daf inition 
falsa 
cc_stata 
' C_mf sm_crqt_S ' 
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"C_mf ■m_crqt_S (CCStata C_mfsn*_stata C_m£*m_*rdy_«n C_mfsm_D C_mf ■migrant 

C_mfsnv_rat C_mf sm^busy C_mfsm_writa C_mf sm_crqt_ 

C_mf ■m L _hold_ C_mf*m_last_ C_mf sni_lock_ C_mf sm_s* 

C_jnf »nu invalid C_sfsm_*tata C_afsm_D C_sf sm_ffrant 
C_sfsm_rst C_sf snv_writa C_sf sm^addrassad C_sf «in^hlda_ 
C_afain_i&a C_af sm^stata C_afsm^cala_ C_afsm_last_ 

C_af SHL_iaala_ C_afsn*_rala_ C_afsn*_srdy_ C_afsm_rst 
C_lock_in_ C_last_in_ C_ss C_clkA C_last_out__ 
C_sidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_»_dal C_wrdy C_rrdy 
C_parity C_«ourc» C_data_in C_sizawrba C~iad_out 
C_alaO C_a3a2 C_iad_in C_wr ) 

* C_mf »ffucrcjt_ / ' ; ; 

lat C_mf am_hold_S * naw_racuraiva_daf inition 
falsa 
cc.stat* 

' C_mf sm^hold _S ' 

*C_mf ■m_hold_S (CCStata C_m£sm_*tata C_mf sm_srdy_an C_mt sm_D C_mfsm_ffrant 

C_mf sm_rst C_mf sm_busy c_mf sn*_writa C_mf singer qt_ 
c_mf snL_hold_ C_mf am_last_ C_mf sm_lock_ C_jofsn*_»« 
c_mf am_invalid C_sf saustata C_sfsm_I> C_sf »m_grant 
c^sfsm^rst C_sf sm_wr±ta C_sf sn\_addrassad C_sfsra_hlda_ 
C_sfsm_ms C_af sm^stata C__af sn*_cala_ C_a£sm_last_ 

C_af snt_mala_ C_af sn*_rala_ C_af uvy_BTi3y_ C_afsm_rst 
C_lock_in_ C_last_in_ C_s» c_clkA C_last_out_ 
C_sldla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_da 1_ C_iad_an_a_dal C_wrdy C_rrdy 
C_parity C_sourca C_data_in C_sizawrba C__iad_out 
C_alaO C_a3a2 C_iad_in C_wr ) 

■ C_mf sn_bo ld_ * 7 / 


lat C_mf sm_last_S * naw_racursiva_daf inition 
falsa 
cc_stat# 

'C_mf sm_last_S ' 

"C_mf im_last_s (CCStata C_mf sm_«tata C_mf snv_« rdy_an C_jnf snv_D C mfsm grant 
C_mf snurst c_jnf snubusy C_mf sm_writa C_mfsm_crqt_ 
c_mf snubold_ C_mf snv_last_ C_mf *m_lock_ C_inf sm_s • 

C_mf sn^invalid C_sf sm_stata C_sfsnuD C sfsm grant 
C_sfsnurst C_af sm^writa C_sf sn^addrassad C_sfsm 1 _hlda_ 
C_sfsBv_ms C^afsnustata C_af sni_cala_ C_afsm_last_ 

C_af sra u _mala_ C_af sn*_rala_ C_af sm_»rdy_ C_afsn\_rst 
C_lock_in_ C_last_in_ C_ss C_clkA C_last_out_ 
C_sidla_dal C _jnrgt_dal C_hold_ C_cout_0_ls_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_s_dal C_wrdy C_rrdy 
C_parity C_sourca C_data_in C_s izawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

* C_inf sm^last_ w / ; 


lat C_mfsnulock_S * naw_racursiva_daf inition 
falsa 
cc_stata 
' C_m£ snL.lock_s ' 

"C_mf sm_lock_S (CCStata C_mf sm^stata C_m£sm^srdy_an C_jaf sm_D C mfsm grant 
C_mf sm_rst C_jaf sm^busy C_mf ssLwrita C_ja£sm_crqt_ 

C_mf sm w _hold_ C_mf sm^las t_ C_jnf sm_lock_ C _m£»n\_s* 
c_mfsm_invalid C_sf sm_*tata C_sfanL_D C_sf sm_qrant 
C_sfsm_rst C_sfsm_writa C_sf sm_addrassad C_sf sn^hlda_ 
C_sf sm_ms C_af sm^stata C_af snucala_ C_af saLiatt. 

C_af snL_mala_ C_af sncrala_ C_afsnusrdy_ C_afsnurst 
C_lock_in_ C_last_in_ C_ss C_clkA C_last_out_ 
C_sidla_dal C„mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_s_dal C_wrdy C_rrdy 
C_parity C_sourca C_data_in C_sizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr ) 


* C_mf sm^lock_" ; ; 


lat C_mfsm^ssS * naw_r a cur siva_daf inition 
falsa 
cc_stata 
# C_mf sm_ssS ' 
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"C_mf sm_a8S (CCStata C_mfam_stata C_mf am_srdy_an C_mf sm_D c_mf sm_grant 
C_mf am_rst c_mf sm_busy C_mf am_wr ita C_mf am^cr qt_ 

C_mf am_hold_ C_afam_last_ C_mf sm_lock_ C_m£»nu»* 
C_mf»nL_invalid C_af sn*_atata C_sfanL_D C_*f anuffrant 
C_sfsm^rat C_af sm_writa C_sf snuaddraasad C_sf ain t _hlda_ 
^afsm^ms C_afam^atata c_af an\_cala_ C_af anul**^ 
C_afsm_mala_ C_afsm_rala_ C_af anL_srdy__ C_afsin_r*t 
C_lock_in_ C_laat_in_ C_n C_cl)cA C_laat_out_ 
C_aidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_a_dal C_wrdy C_rrdy 
C_parity C_sourca C_data_in C_sizawrba Ci_iad_out 
C_alaO C_a3a2 C_iad_in c_wr) 

x C_mf sm_sa w ; ; 

let C_m£ain_invalidS * naw_racursiva_daf ini t ion 
falsa 
cc_stata 

* C_raf am_inval ids ' 

"C_infsm_ invalids (cost at a C_mfsnustata C_mf sm l _Brdy_an C_mf am_D C_mf sm_grant 
c_mf sm_rst c_mfsm_buay C_mf sm_writa C_mf ain_crqt_ 

C_mf snubold_ C_mf am_last_ C_mf sn*_lock_ C_mfsm_aa 
c_mf sm_invalid C_a£sin_stata C_sfaa^_D C_sf sm^grant 
c_sfsm_rat C_sf am^writa C_sf am_addraaaad c_afsm_hlda_ 
C__af sauna C_af am^atata C_af am_cal a_ C_afam_last_ 

C_af am_raala_ C_af sm_rala_ C_af sm_srdy_ C_afsm_r*t 
C_lock_in_ C_last_in_ C_aa C_clkA C_laat_out_ 
C_aidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la c_mrdy_dal_ C_iad_an_s_dal C_wrdy C_rrdy 
C__parity C_aourca C_data__in C_sizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

x C_mf sm_invalid" / j 

let C_af am_atataS * naw_ra cur a iva_daf inition 
falsa 
cc_stata 
' C_af am_atataS ' 

"C_sf anuatataS (CCStata C_mf am_atata C_mf sm_ardy_an C_mf sm_D C_mf am_grant 
C_mf am^rat C_mf aro_buay c_mf anL-writa C_mf anucrqt_ 

C_mf am u ,hold_ C_mf snv_last_ C_mf am^lock^. C_mf am_sa 
C_mf anuinvalid C_af sia_stata C_sfsncD C_sf an^grant 
C_afanv_rat c_sf smurrita C_af am_addraaaad C_af ain_hlda_ 
C_af an^ma c_afanu*tata C_af C_af am_lnat_ 
c_afanu»ala_ c_afam_rala_ C_af am_ardy_ C_afsm_rat 
C_loc)c_in_ C_laat_in_ C_as C_clkA C_last_out_ 
C_aidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_a_dal C_wrdy C_rrdy 
C_parity C_aourca C_data_in C_sizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

s C_af axn^atata"; ; 

let C_afaw_DS * naw_racursiva_da£ inition 
falsa 

cc_etata 
' C_s f am_DS ' 

«C_afam_DS (CCStata C_mf an^atata C_mf am_a rdy_an C_mf anv_D C_mf a migrant 

C_mf am_rat c_mf an^buay C_mf artuwrita C_mfam_crqt_ 

C_mf am_hold_ C_mf sm_last_ C_mf am_lock_ C_at am^aa 
C_mf sm_invalid C_a faints tat a C_afam_D C_af aa^grant 
C_afsm_rst C_sf saurrlta c_af sa*_addrassad C_sf an^_hlda_ 
C_af sauna c_a faints tat a C_af anL»cala_ C_af saL.laat_ 
C_afaauttala_ C_af amoral a_ C_af am^ardy^ C_afam^rat 
C_lock_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 
C_aidla_dal C_mrqt_dal c_hold_ C_cout_0_la_dal 
C_cin_2_la C _mrdy_dal_ C_iad_an_a_dal C_wrdy C_rrdy 
C_parity C_aourca C_data_in C_aizawrba C_iad_ont 
C_alaO C_a3a2 C_iad_in C_wr) 

* C_afanv_D";i 

lat C_a£anugrantS = naw_ra cur a iva_daf inition 
falsa 
cc_stata 
'C_af am_grantS ' 
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"C_af am_grants (CCStata C_mf am^atata C_mf anu«rdy_an C_mf anuD C_mf anL_grant 

C_mf am_rat C_mf anL_buay C_mf am_writa C_mf am_crqt_ 

C_mf am_h.old_ C_mf am^laat_ C_mf am_lock_ C_mfam_*« 

C_mf am_invalid C_afam_atata C_afanL_D C_ sf am_grant 
C_af»a_r»t C_afanL.writa C_af am_addraaaad C_afam_hlda_ 
C_ a £ sin^ma C_af am^atata C_afanucala_ C_af am_l*®t_ 

C_a£ animal a_ C_afam_rala_ C_afanL.ard.y_ c_afam_rat 
C_lock_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 
C_aidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_a_dal C_wrdy C_rrdy 
C_parity C_aourca C_data_in C_aizawrba CCiad_out 
C_alaO C_a3a2 C_iad_in C_wr } 

« C_af am_grant w ; ; 

lat C_afam_ratS = naw_racur a iva_daf inition 
falaa 
cc_atata 
'C_af ara_rats 7 

w C_af am_rats (ccstata C_m£am_atata C_mf em_ardy_an C_mf am_D C_»fam_grant 

C_m£airv_rat C_mf sm_buay C_mf am_writa C_mf am_crqt_ 

C_mf am_hold_ C_mf am_laat_ C_mfam_lock_ C_mf anuaa 
C_mf am_ittvalid C_af am_atata C_afam_D C_afanL.gr ant 
C_a fam_rat C_af am_writa C_af am_addraaaad C_af am_Jilda_ 
C_af am_ma C_afam_atata C_af am_cala_ C_afam_laat_ 

C_af anL_mala_ C_af am_rala_ C_af am_»rdy_ C_afam_rat 
C_lock_in_ C_laat_in_ C_aa C_cX)cA C_laat_out_ 
C_aidla_daX C_mrqt_dal C_hold_ C_cout__0_Xa_dal 
C_cin_2_la C_mrdy_daX_ C_iad_an_a_daX C_wrdy C_rrdy 
C_parity C_aourca C_data_in C_aizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr ) 

■ C_a£artL_rat w ; / 

Xat C_af am_wr it aS * naw_racuraiva_daf inition 
faXaa 
cc.stata 
' C_af am_writaS ' 

"C_af am_wxitaS (CCStata C_mf azn^atata C_mf an^ardy_an C_mf am^D C_mfaHL.gr ant 

C_mf am_rat C_mf anL_buay c_mf am_writa C_mf am_crqt_ 

C_mf anuhold_ C_mfam_laat_ C_mf am_lock_ C_mf am_aa 
C_mf am^ invalid C_afam_atata C_afam_D C_afam_grant 
C_afam_rat C_af anL_writa c_af am_addraaaad C_af an\_bXda_ 
C_afam_ma C_afam_»tata C_afam_caXa_ C_afam_Xaat_ 
c_af am_mala_ C_af am^rala_ C_afam_ardy_ C_afam_rat 
C_lock_in_ C_laat_in_ c_aa C_clkA C_Xaat_out_ 
C_aidXa_daX C _mrqt_daX C_hoXd_ C_cout_0_Xa_daX 
C_cin_2_Xa C _mrdy_daX_ C_iad_an_a_daX C_wrdy C_rrdy 
C_parity C_aourca C_data_in C_aizawrba C_iad_out 
C_aXaO C_a3a2 C_iad_in C_wr) 

« C_a£am_wxita w ; ; 

lat c_af am_addraaaads * naw_racuraiva_daf inition 

faXaa 

cc_atata 

' C_a f anL_addr aa a ads * 

"C_af anL_addraaaadS (CCStata C_mf am_atata C_mf anv_*rdy_an C_mfanL.I> C_mf am_grant 

C_mfam_rat C_mf am_buay C_mf am_writa C_mfam_crqt_ 
C_m£am_bold_ C_mf am_laat_ C_mf am_lock_ C_mfam_aa 
C_mf am_invalid C_afam_atata C_afan\_D C_afanL.gr ant 
c_afaHL_rat C_af anL_writa C_afanL_addraaaad C_afam_hlda_ 
C_afanL_ma C_af am^atata C_af eHL_cala_ C_afam_laat_ 

C_af am_mala_ c_af am_rala_ C_af aHL_ardy_ C_afaHL.rat 
C_lock_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 
C_aidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_a_dal C_wrdy C_rrdy 
C_parity C_aourca C_data_in C_aizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

m C_af am_addraaaad"; j 

lat C_af anublda_S * naw_ra cur a iva_daf inition 
falaa 
cc_atata 
' C_a f am_hlda_S ' 
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w C_sf •m L _hlda_S (CCState C_mf sm_*tate C_mf sm_Brdy_en C_mfam_D C_mf entrant 

C_mfam_rat C_mf ain_buey C_mf sm_write C_mf em_crqt_ 

C_mf •m_hold_ C_mf am_laat_ C_mf am_lock_ C_mf am_* » 

C_mf am_inval id C_af am_atata C_afain_D C_af emigrant 
C_afam_rat C_afam_write C_af anu*ddreaeed C_a£anublda_ 
C_af aro_aa C_af acetate C_ef ain_cale_ C_ef ain_laet_ 

C_af animal •_ C_afam_rala_ C_ef aiiL_«rdy_ C_efaia_ret 
C_lock_in_ C_laat_in_ C_aa C_clXA C_laat_out_ 
C_aidla_dal C_mrqt_del C_hold_ C_cout_0_le_del 
C_cin_2_le C_mrdy_dal_ c_iad_an_a_dal C_wrdy C_rrdy 
C_parity C_aource C_data_in C_aizewrbe C~lad_out 
C_alaO C_a3a2 C_iad_in C_wr ) 

* C_a f am^hlda_" / / 

let C_sfam_maS = new_recuraive_daf inition 
falae 
cc_atate 
'C_af am_ineS ' 

"C_af am_maS (ccstate C_m£am_atate C_mf am_erdy_en C_m£ am_D C_mf anv_g rant 
c_mfam_rat C_mf am^buay C_mf em_write C_inf anucrqt_ 
C_mfam_hold_ C_mfanul*»t_ C_mf am_lock_ C_m£*m_*» 

C_mf am_invalid C_af anu^tate C_efein_D C_a£am_grant 
c_afam_rat C_a£am_write C__af am^addreeaed c_afam_hlda_ 
C_afam_JM C_efam_atate C_ef anv_cale_ C_ef 
C_ef anL_»ale_ C_efanurale_ C_ef an*_»rdy_ C_efam_rat 
C_lock_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 
C_aidle_del C_mrqt_del C_hold_ C_cout_0_le_del 
C_cin_2_le C_mrdy_del_ C_iad_en_a_del C_wrdy C_rrdy 
C_parity C__aource C_data_in C_aizewrbe C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

* C_sf am_ma " ; ; 

let C_e£am^atateS * new_recuraive_def inition 
falae 
cc_atate 
'C_ef am_atateS ' 

"C_ef am_atateS (CCState C_mf am^atate C_mf am_ardy_en C_mf am^D C_mf am_grant 
C_mfanL.rat C_inf ancbuay C_mf an^write C_mf am_crqt_ 

C_mf anubolcL_ C_mf am^laat_ C_mf am_lock_ C_mf am_aa 
C_mfanL_invalid C__af am^atate C_afanLJ> C_afam_grant 
C_afa»_rat C_afam_write C_af am_addreaaed C_af am_>l<i*_ 
C_afam_ma C_ef am^atate C_ef anL.cale_ C_ef am_laat_ 

C_ef am_m*le_ C_ef aKL_rale_ C_efam_*rdy_ C_efam_rat 
C_lock_in_ c_laat_in_ C_aa c_clkA c_laat_out_ 
c_aidle_del C_mrqt_del C_hold_ C_cout_0_le_del 
C_cin_2_le C_mrdy_de 1_ C_iad_en_a_del C_wrdy C_rrdy 
C_parity C_aource C_data_in C_aizewrbe C_iad_out 
C_alaO C_a3a2 C_i«d_in C_%rr) 

* C_ef am_*tate w ; ; 

let C_efam_cale_S * new_recur a ive_def inition 
falae 
cc_etate 
' C_ef am_cale_S # 

«C_ef «m_cale_S (CCState C_mf am^atate C_mf am^ardy_en C_mf am_D C_mf anuff rant 
C_mfam_rat C_mf am_buay C_mf am^write C_mfam_crqt_ 
C_mfam_bold_ C_mf am_laat_ C_mf aia_locX_ C_mfam_aa 
C_mf am_invalid C_af anv^atate C_afam_D C_af am_grant 
C_afam_rat C_afam_write C_af am^addreaaed C_a f am__hlda_ 
C_afain 1 _ma C_ef am_atate C_ef an^_cale_ C_ef aia_laat_ 
c_ef am^male_ C_ef anv_rale_ C_ef am^ardy_ C_efeia_rat 
C_lock_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 
C_aidle_del C_mrqt_del C_hold_ C_cout_0_le_del 
C_cin_2_le C_mrdy_del_ C_iad_en_a_del C_vrdy C_rrdy 
C_parity C_aource C_data_in C_aizewrbe C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

■ C_ef am_cale_" ; / 

let C_ef an^_laat_S ■ ne w_re cur a ive_def inition 
falae 
cc_atate 
'C^ef am_laat_S ' 
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«C_af am_laat_S (CCState C_m£*nu* tat« C_mf ain_erdy_en C_mfeRLJ> C_mf •migrant 

C_mf am_rat C_mf am_buay C_mf am^write C_mf an*_crqt_ 
C_mfsm^hold_ C_mf am_laat_ C_mf sn*_lock_ C_mf am_sa 
c_mf am_invalid C_afam_atate C_sfsis_D C_sf am. grant 
C_sf8m^rst C_a£anL_writ* C_af snu*ddressed C_sf snL_blda_ 
C_sfsm_»* C_ef sn^state C_efsm_cale_ C_ 

C_afam_mala_ C_efan^rale_ C_ef sm_ardy_ C_efsm_rst 
C_lock_in_ C_last_in_ C_aa c_clkA C_last_out_ 
C_aidla_del C_mrqt_del C_hold_ C_cout_0_la_dal 
C_cin_2_le C_mrdy_dal_ C_iad_en_a_del C_wrdy C_rrdy 
C_parity C_source c_data_in C_aizewrbe C~iad_out 
C_alaO C_a3a2 C_lad_in C_wr) 

= c_ef / 

Imt C_e£sm^male_S * new_recursive_def ini t ion 
false 
cc_atate 
' C_ef 8m_male_S 4 

*C_ef sm_mala_s (CCState C_m£snu*tate C_mf am_s rdy_en C_mfsm_D C_mf em_grant 

C_mfsm_rst C_mf snubusy C_m£ a rewrite C_af am_crqt_ 

C_mf sm_bold_ C_mf am_laat_ C_m£sm^loc)c_ C_mf am_as 
C_mf snuinvalid C_s£sift_»tate C_sfsm_D C sfsm grant 
C_afsm_rst C_s£sBL_write c_sfsm_addr eased C_sfsnUilda_ 
C^afanL^a* C_e£ anv_atate C_ef an^_cale_ C_ef sn*_l**t_ 
C_efsn*_m*le_ C_efsi*_rale_ C_efsn*_*rdy_ C_efsx*_rst 
C_locfc_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 
C_aldle_del C_jnrqt_del C_hold_ C_cout_0_le_del 
C_cin_2_la C_mrdy_del_ C_iad_en_a_.de 1 C_wrdy C_rrdy 
C_parity C_source C_data_in C_aizewrbe C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

k c_ef soumale^/ ; 

let C_e£am_rale_S 3 new_recuraive_de£inition 
false 
cc_state 
'C_ef amoral e_S ' 

"C_efara_rale_S (CCState Cjn£sxn_»tate Cjaf an^_ardy_en C_m£am_D C_m£am_grant 
C_mf am^rat C_m£ amjbuay C_jnf an*_write C_jaf sm_crqt_ 
C_m£anv_hold_ C_mf angles t_ C _mf an\_lock_ c_mfsm_ss 
C_mf am^invalid C_sf ancstate C_afam_D C afam, grant 
C_a£anurat C_a£anL_write C_sfsnu*ddreseed C_af ara_blda_ 
C_a£ am^ma C_ef animat ate C_ef snucale_ C_efam_last_ 

C_ef an*_male_ C_e£sn*_rale_ C_e£am_*rdy_ C_e£am_rat 
C_lock_in_ C_laat_in_ C_ea C_clkA C_laat_out_ 
C_aidle_del C_mrqt_del C_hold_ C_cout_0_le_del 
C_cin_2_le C _mxdy_del_ C_iad_en_a_del C_vrdy C_rrdy 
C_parity C_aource C_data_in C_aizewrbe C_iad_out 
C_alaO C_a3a2 C_iad_in C_wx) 

* C_ef am_rale_ w ; ; 

let C_ef sm_srdy_S * new_recursive_def ini t ion 
false 
cc_state 
' C_e f am_a rdy_S ' 

*C_ef am_srdy_S (CCState C_iof a ro^atate c_mf am^srdy_en C_mfsm_I> C_mf snujrant 
C_m£am_rat C_mf snubusy C_mf anL-Write C_jaf sm_crqt_ 

C_mf sm^hol<i_ C_m£am^laat_ C_m£sn^lock_ C_mfain_a8 
C_mf ain_invalid C_ef am_atata C_a£aBL_D C afam grant 
C_8fsm_rst c_af anL_write C_af snuaddressed C_af an^_hlda_ 
C.afancitt® C_efam_»tate C_ef sxn_cale_ C_efsn*_laet_ 
c_e£am u _tt*i«_ C_ef antral e_ C_efsn*_srdy_ C_efam_rst 
C_lock_in_ C_laat_in_ C_aa C_cl)cA C_laat_out_ 
C_aidle_del C_mrqt_del C_hold_ C_cout_0_le_del 
C_cin_2_le C_mrdy_del_ C_iad_en_a_del C_wrdy C_rrdy 
C_parity C_aource C_data_in C_sizewrbe C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

« C_ef sBL.ardy."/ ; 

let C_efain_rstS « new_recuraive_def inition 
false 
cc_etate 
'C_ef am_ratS ' 
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"C_af am_rats (CCState C_mf an^atata C_mf am_ardy_an C_mf#nL_D C_mf am^grant 
C_mf sm_rst C_mf sm_busy C_mf am_writa C_mf an*_c*<Jt_ 

C_mt sm_hold_ C_mf sm_last_ C_m£ am_lock_ C_mf »m_a s 
C_m£ am^inval id C_af am^atata C_afan*_D C_afam_ffrant 

C_af anuwrita C_af aia_*ddreB8ad C_afam_hlda_ 
C_afaiiL_m» C_af am^atata C_efam_cale_ C_af am_laat_ 
C_afam_nala_ C_af an*_rala_ C_af am_ardy_ C_afain_rst 
C_lock_in_ C_laat_in_ c_aa C_clkA C_laat_out_ 
C_aidla_dal C_mrqt_dal C__hold_ C_cout_0_la_dal 
C_cin_2_le C_mrdy_dal_ C_iad_en_a_dal C_wrdy C_rrdy 
C_parity C_aource C_data_±n C_aizewrba Cliad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

= C_af sm_rat w ; ; 

lat C_lock_in_S ■ naw_recuraiva_daf inition 
falsa 
cc_atata 
' C_lock_in_S ' 

w C_lock_in_S (CCState C_mf sm_state C_mf am_srdy_an C_mf am_D C_mfam_grant 
C_mf sm_r at C_mf sm^busy C_mf am^write c_mf anv_crqt_ 

C_mf s m_ hoi d_ C_mf sm_las t_ C_n\£ am_lock_ C_mf am_as 
C_mf sm_inval id C_sf am^atata C_a£am_D C_sf emigrant 
C_*fsm_rat c_a£a nuwrlta C_af Bnv_addraaaed C_afaiOilda_ 
C_sfam_»* C_af am^atata C_afam^cale_ C_ef ain_l*»t_ 

C_af am_mala_ c_af aia_rale_ C_af anuardy_ C_afam_rat 
C_lock_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 
C_aidla__dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_lad_an_a_dal C_wrdy C_rrdy 
C__parity C_aourca C_data_ln C_aizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

* C_lock_in t } 

lat C_ laat_ln_S * naw_ra cur a iva_da£ inition 
falsa 
cc_atata 
'C_laet_in_S ' 

"C_last_in_S (ccstata C_mf sm_stata c_mf am_ardy_an C_mf am_D C_mf am_grant 
C_mfaxn_rat C_mf am_buay C_mf am_wrlta C_mf am_crqt_ 

C_mf sm_hold_ C_mf am_laat_ C_mf am_lock_ C_m£ am^a a 
C_m£am_invalid C_af BKuatate C_afanL_D C_af emigrant 
C_afauurat c_af anuwrita C_af am_*ddr«»*«d C_a£an^hlda_ 
C_af am_ma C_af an^atate C_ef ant_cala_ C_a£aia_laat_ 

C_af animal a_ c_a£am_rala_ C_af an_ardy_ C_afam_rat 
C_lock_in_ C_laat_in_ C_aa c_clkA C_laat_out_ 
C_aidla_dal C_mrqt_dal C_hold_ C_cout_0_la_da 1 
C_cin_2_la C_mrdy_del_ C_iad_an_e_dal C_wrdy C_rrdy 
C_parity C_aourca C_data_in C_aizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C__wr ) 

= C_laat_ln_" ; ; 

lat C_aaS « naw_recursiva_daf inition 
falaa 
cc_atata 
' C_aaS ' 

"C_aaS {CCStata C_mfsm_atata C_n£am_ardy_an C_inf sm_D C_mf aitL_gr ant 

C_mf am_rat C_mf am_buay C_mf am^writa C_mf am_crqt_ 

C_m£ am ( _hold_ C_mf am_laat_ C_mf am_lock_ C_mf sm_ss 
c_mf am^invalid C_afam_«tata C__afa*_D C_afai*__grant 
C_af am_rat C_a£am_writa C_af am_addraaaad C_af anvJilda_ 
C_afaia_ina C_afanuatata C_af ant_cala_ C_a£am_laat_ 
C_afaw_mala_ C_a£am_rala_ C_a£aia_ardy__ C_a£am_rat 
C_lock_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 
C_aidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_a_dal C_wrdy C_rrdy 
C_parity C_aourca C_data_in C_aizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 


lat C_clJtAS = naw_racurslva_daf inition 
falsa 
cc_etata 
'C_clkAS ' 
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"C_clkAS (CCState C_mf am_§tate C_mf am^s rdy_en C^mfam^D C_mf * migrant 

C_m£sm_rst C_mf sm_busy C_mf sm^write C_m£ env_crqt__ 

C_mf em L _liold_ C_mf »m_laat_ C_mf sm_lock_ C_mf »m_ai 
C_m£«m_iBvalid C_sf sm_state C_sfsnL_D C_afsnL_grant 
C_sfsii*_rst C_afsnL_write C_sfsm_addr eased C_sfam_hlda_ 
C_sfsin_ma C_ef am_atat« C_ef arnica le_ C_ef em_l**t_ 

C_ef sm_male_ C_ef am_rale_ C_e f sm_ a rdy_ C_ef »xn_r«t 
C_lock_in_ C_laat_in_ C_as C_clkA C_last_out_ 
C_«idle_del C_inrqt_del C_hold_ C_cout_0_le_del 
C_cin_2_le C_mrdy_del_ C__i ad_en_a_de 1 C_wrdy C_rrdy 
C_parity C_source C_data_in C_#izewrbe C~iad_out 
C_alaO C_a3a2 C_iad_in C_wx) 

= C_cDcA"; / 

let C_laat_out_S = new_re curs ive_def ini t ion 
false 
cc_atate 
' C_laat_out_S ' 

"C_last_put_S (CCState c_mfam^atate C_mt anL_* rdy_en C_mfsn*_D C_mf am grant 
C_mf am_r»t C_mf sm^buay C_mf am_wr ite C_mf en*_crqt_ 
c __mf sm_hold_ C_mf sm_l**t_ C_mf sm_lock_ C_mf am_a s 
C_mf am_invalid C_*f anus t ate C_s£sm_D C_sf entrant 
C_sfsnL_rst C_sf sn^write C_af am^addreaaed C_sf am_klda_ 
C_sfsxn_»* C_ef am_atat* C_efam_cale_ C_ef sm_l*®t_ 
C_efsm_male_ C_efsm_rale_ C_ef en^_srdy_ C_efam_rst 
C_lock_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 

C_a idle_del C_mrqt_del C_hold_ C_cout_0_le_del 
C_cin_2_le C_mrdy_del_ C_iad_en_a_del C_wrdy C_rrdy 
C_parity C_source C_data_in C_eizewrbe C_lad^out 
C_alaO C_a3a2 C_iad_in C_wr) 

* C_laat_out_" i / 


let C_aidle_delS * new_recursive_def ini t Ion 


false 

cc_state 

J C_s ldle_de IS ' 

"C_aidle_.de IS (CCState C_jnf #m_atate C_mf sm^srdy_en C_m £ ntaJD C_mt am grant 
C_mf a*a_rat C_iaf am_buay C_mf sm_write C_mf sn_crqt_ 

C_af anuhold_ C_mf arable# t_ C_mf em_lock_ C_mf am_aa 
C _jaf axn_ invalid C_sf sn^_atate C_efsBL_p C_af emigrant 
C.afam^rat C_sf an^write C_afanuaddr eased C_sfem_hlda_ 
C_s£snL_ms C_ef sm^state C_ef am_cal e_ C_efsaul**t_ 

C_ef am_male_ c_efan^rale_ C_ef azL.ardy_ C_efsm_r®t 
C_lock_in_ C_laat_in_ C_aa C_clkA C_last_out_ 
C_aidle_del C_mrqt_del C_hold_ C_cout_0_le_del 
C_cin_2_le C_mrdy_del_ C_iad_en_a_del C_wrdy C_rrdy 
C_parity C_aource C_data_in C_aizewrbe C_iad^out 
C_alaO C_a3a2 C_iad_in C_wr) 


■ C_sidle_del" ; / 


let C_mrqt_delS * new_r e curs ive_def ini t ion 
false 
cc_atate 
# C_mrqt_delS ' 

"C_mrqt_delS (CCState C_m£am_atata C_mf am^ardy_en C_mf am_D C_mf a m g rant 
C_mfanv_rat C_m£snt_busy C_mf am_write C_mf sm_crqt_ 

C_mf anv_hold_ C_mf ain_laat_ C_mfsn*_lock_ C_mfsin_ea 
C_mf am_ inv a 1 id C_af am_ state C_sfam_D C_af sm_grant 
C_sfam^rat C_sf snt_write C_sfsnt_addr eased C_sfsn*_hlda_ 
C_afenL.ma C_ef am_*tate C_e£en*_cale_ C_e£enul®*t_ 
C_efam_»*l«_ C_ef sB*_rale_ C_efsn*_»rdy_ C_efanurat 
C_lock_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 
C_aidle_del C_mrqt_del C_hold_ C_cout_0_le_del 
C_cin_2_le C_mrdy_del_ C_iad_en_a_del C_wrdy C_rrdy 
C_parity C_*ource C_data_in C_sizewrbe C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 


let C_hold_S * new_recuraive_def inition 
false 

cc_state 
' C_hold_S ' 
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"C_hold_S (CCStata c_mf snu*tata C_mf •m_* rdy_an C_m£*in L _D C_mf sm__grant 

C_mf sm_r*t C_mf sm_busy c_mfsm_writa C_mf sm_crqt_ 
C_mfsm_hold_ C_mf C_m£ ■m l _lock_ C_mf sm_s« 

C_mfsm_invalid C_*£«m_«tata C.sfsra^D C_sfsa_grant 
C_sfsm_rst C_sf sa_writa C_sf snuaddraasad C_s£sn*_hlda_ 
C_sfsm_ms C_afsm_stata C_af sm_cala_ C_af sm_last_ 
C_a£*nt_m*l«_ C_af sra^rala_ C_af sn*_srdy_ C_afsm_rst 
C_lock_in_ C_last_in_ C_*i c_cl)cA C_last_out_ 

C_s ±dla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_s_dal C_wrdy C_rrdy 
C_parity c_sourca C_data_in C_sizawrba CJiad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

a C_hold_" / ; 

let C_cout_0_la_dalS = naw_racursiva_daf inition 
falsa 
cc_stata 

'C_cout_0_la_dalS # 

"C_cout_0_la_dalS (CCS tat a C_mf *m_«tata C_mf sm>_srdy_an C_mfsm_D C_mf snug rant 
C_mfsm_rst C_mf sm_busy C_mf sm_writa C_mf sm_crqt_ 
C_m£#m_hold_ C_mf sm_last_ C_mf sm„loc)c_ C_mf sm_si 
C_mf sm_iavalid C_sfsm_stata C_sfsn^_D C_sf ssL_grant 
C_sfsnv„rst C_sfsm_writs C_sf sc^addrassad C_sf sn*_kld*_ 
C_sfsm_m* C_afs«_stata C_af sm^cala,. C_af sn*_last_ 
C_afsm_mala_ C_a£ sm^rala_ C_afsm_srdy_ C_afsm_rst 
C_locfc_in_ C_last_±n_ C_ss c_clkA C_last_out_ 
C_sidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_da 1_ C_iad_an_s_dal C_wrdy C_rrdy 
C_parity C_sourca C_data_in C_sizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

* C_cout_G_la_del" ; ; 

lat c_cin_2_laS * naw_racursiva_daf ini t ion 
falsa 
cc_stata 
'C_cin_2_laS ' 

*C_cin_2_laS (CCStata C_mfsm_*tata C_mf rdy_an C_mf sm_E C_af snL_grant 
C_mf sm_rst C_mf sm^busy C_mf snuwrita C_mf sm_crqt _ 

C_mf sin_hold_ C_mf six_last_ C_mf *n*_locfc_ C_mfsn^_ss 
C_mf snu invalid C_sfsa_stata C_sfajn_D C_sf sm_arant 
C_sfsnurst C_sf sm_writa C_sf »m_addxassad C_sfsi^_blda_ 
C_sfsa_«* C_af sm^stata C_afsa_cala_ C_afs«^last_ 

C_af snL_nala_ c_af sncrala_ C_af sm_srdy_ C.afam^rst 
C_lock_in_ C_last_in_ C_ss C_clkA C_last_out_ 
C_sidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cln_2_la C_mrdy_dal_ C_iad_an_s_dal C_wrdy C_rrdy 
C_parity C.sourca C_data_in C_slzawrba C_iad_out 
C_alaO C_a3a2 C_iad_±n C_vrr ) 

= C_cin_2_la"; ; 

lat C_mrdy_da 1_S = naw_racursiva_daf ini t ion 
falsa 
cc_stata 
' C_mrdy__da 1_S ' 

"C_mrdy_dal_S (CCStata C_mf so^stata C_mf »m_s rdy_an C_mfsnL_D C_mf sm_gr ant 
C_mf sm_rst C_mf snubusy c_mfsa_vrita C_mf sa_crqt_ 
C_mfsa_hold_ C_mf sin^last^ C_mf sm_loc)c_ C_mf sm_s» 

C_mf srn_invalid C_sf sm^stata C_sfanL>D C_sf s migrant 
C_sfsa_rst C_sfsnL_writa C_sf sm_addraaaad C_sfsm_hlda_ 
C_sfsm_ms C_af sm^stata C_af sm_cala_ C_af sm_last_ 
c_afsm_mala_ C_af amoral a_ C_a fs:a__ardy_ C_af am^rs t 
C_lock_in_ C_last_in_ C_ss C_clkA C_last_out_ 
C_sidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal__ C_iad_an_s_dal C_wrdy C_rrdy 
C_parity C.sourca C_data_in C_sixawrba C_lad_out 
C_alaO C_a3a2 C_iad_in C_wr ) 

■ C_mrdy_dal_ w ;; 

lat C_lad_an_s_dalS * naw_ra curs iva_daflnlt ion 
falsa 
cc_stata 

' C_iad_an_a_dalS ‘ 
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"C_iad_*n_s_d«lS (CCStata C_pi£ snL.atata c_jaf 8m_«rdy_#n C_mfanuD C_mf anuffrant 

C_mf am_rat C_mf •itL_bu*y C_mf ■n*_writa C_mf ain_crqt_ 

C_m£ ■nuhold_ C _jnf •m_la*t_ C_m£ am_loc)c_ c_mf »a_aa 
C_mf axn^invalid C_af an^atata C_afsm_D C again grant 
C_afain_rst C_af snL_wr±ta C_sfsm_addraaa8d C_a£sm_hlda_ 
^afam^ma C_afam_atata C_af an*_cala_ C_af sm_laat_ 
C_afanL_mala_ C_afanurala_ C_af SH*_ardy_ C_afanL_rat 
C_lock_in_ C_laat_in_ C_aa c_clkA C_last_out_ 
C_aidla_dal C_mrcjt_dal C_hold_ C_cout_0_la_da 1 
C_cin_2_la C_mrdy_dal_ C_iad_an_a_dal C_wrdy C_rrdy 
C_parity C_aourca c_data_in C_sixa%rrba C2iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 


= C_iad_an_a_dal" ; ; 


lat C_wrdyS * naw_racuraiva_daf inition 
falsa 
cc_stata 
' C_wrdyS ' 

"C_wrdyS (ccstata c_mf snt_stata C_mf em_ardy_an c_mfam_I> C_mf »m_grant 

C_mfsm_rat C_mf an\_buay C_mf anuwrlta C_mf snv_crqt_ 

C_mf am_hold_ C_jnf sm^laat_ C__mf am^lock_ C_mf am_aa 
C_mfanu invalid c_sf am_atata c_afantJ> C_afam_grant 
C_sfsm^rst C_afsm_writa C_af snv^addraasad C_sf SBL.hlda_ 
C_afain^ma C_afam_»tata C_afam_cala_ C_af si*_last__ 
c_af am^jnala^ C_a fsnurala_ C_af sin_«rdy_ C^afan^rat 
C_locfc_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 
C_aidla_dal C_mrqt_dal C_hold_ C_cout_0_la_da 1 
C_cin__2_la c_mrdy_dal_ C_iad_an_a_dal C_wrdy C_rrdy 
C_jparity C_aourca C_data_in C_sizawrba C__iad_out 
C_alaO C_a3a2 C_iad_in C_wr ) 

■ C_wrdy" ; ; 

lat C_rrdyS * naw_racuraiva_daf inition 
falsa 
cc_stata 
' C_r rdyS ' 

"C_rrdyS (CCStata C_mfsm_atata C_mf sn*_srdy_an C_m£ mm^JD C nfam grant 

C_mf sa^rst CjafsmjDuay C_nf aa_writa C_mf sm_crqt_ 

C_mf sa^hold_ C_mf sm^las t_ C_mf am_lock_ C_mf am_aa 
C_mf sm^ invalid C_sf sn^atata C_sf sm_D C a fan grant 
C.afan^rat C_sf sm^vrlta C_af sm_*ddraasad C_af am_hlda_ 
C_afanL_ma C_af am_»tata C_*fam_cala_ C_af am_laat_ 
C_afanL_mala_ C_af anurala_ C_af sn*_ardy_ C_afan^rat 
C_lock_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 
C_aidla__dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_s_dal C_wrdy C_rrdy 
C_parity C_aourca C__dat a_in C_sizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

m C_rrdy w ; ; 

lat C_parityS * naw_racuraiva_daf inition 
falsa 
cc_stata 
' C _parityS' 

v C_parityS (ccstata C_mf sit_atata C_mf am_*rdy_an C jnfant.D C_jnf am grant 

C _mf anurat C_mf anubuay C_mf am_wr i t a C_mf snv_c r qt _ 

C_mf am^hold_ C _jnf am^laat_ C_mf sm^lock^ C_mf am_»» 

C_mf am_ invalid C_af ar^_atata C_sfsm_I> C_afaav_grant 
C_afam^rat C_af anuwrita C_af an^addraaaad C_sfsm_hlda_ 
C_afanL_aa C_a£am_atata C_af anneal a_ C_af am_laat_ 

C_af anuiaala_ C_afsnurala_ C_af am_ardy_ C_afsm_rst 
C_lock_in_ C_laat_in_ C_aa C_clkA C_last_out_ 
C_»idla_dal C_mrq^_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_s_dal C_wrdy C_rrdy 
C_parity C_aourca C_data_in C_aixawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

* C_parity";; 

lat c_aourcaS * naw_racura iva_daf inition 
falsa 
cc_at»ta 
r C_aourcaS ' 
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«C_aourcaS (CCStata C_mf »m_»tata C_mf «m_ardy_an C_mt9ia^D C_mf ■ migrant 

C_mf am_r«t C_mf anubuay C_mf snL_writa C_mf *m_crqt_ 

C_mf im_hold_ C_mf am^laat_ C_mf am_locfc_ 

C_m£*nuiavalid C_afam_»tata C^afanuD C_af anuffrant 
c_afam_rat C_af •nL.writa C_af ai®_addra»aad C_afam_blda_ 
C_afanL_ma C_afain^atata c_af an*_cala_ C_afam_l**t_ 

C_af anuniala- C_af sm_rala_ C_af am l _ardy_ C_afam_rat 

C loc)c in_ c_laat_in_ C_aa C_cl)cA C_laat_out_ 

C_aidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_da 1_ C_iad_an_a_dal C_wrdy C_rrdy 
C_parity C_aourca C_data_in C_aizawrba CIiad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

* C_aourca";/ 

let C_data_inS * naw_racruraiva_daf inition 
falaa 
cc_atata 
'C_data_inS ' 

«C_data_inS (CCStata C_mf am^atata C_in£ am^a rdy_an C_mf am_D C_mf am_grant 
C_mf am_rst C_in£ am_buay C_m£»m_writa C_m£ am_crqt _ 

C_mf am_hold_ C_mf sn*_laat_ C_mf am_lock_ C_mf am_a» 

C_mf am_invalid C_afam_atata C_a£am^D C_afanugrant 
c_afanurat C_afam_writa C_a£an_addraaaad C_afam_blda_ 
C_afam_ms C_af am^*tata C_af am_cal a_ C_afain_l**t_ 
C_afaav_mala_ C_afa®_rala_ C_af ai*_ardy_ C_afaia_rat 
c_lock_in_ c_laat_in_ C_aa C_c lkA C_laat_out_ 
C_aidla_dal C_mrqt_dal C_hold_ C_cout_0_la_da 1 
C_cin_2_la C_mrdy_dal_ C_iad_an_a_dal C_wrdy C_rrdy 
c_parity C_aourca C_data_in C_aizawrba C_iad_out 
C_alaO C_a3a2 C_iad_ln C_wr) 

= C_data_in" ; ; 

let c_aizawrbaS * naw_racruraiva_da£inition 
falaa 
cc_atata 
'C_aizawrbaS ' 

"C_aizawrbaS {CCStata C_mf am^atata C_mf anL_**dy_an C_mfam_I> C_mf am_grant 
C_mfanurat c__mf am^buay C_mf anuwrita C_mf am_crqt_ 

C_mf am_hold_ C_mfam_laat_ C_*f am^lock. C_mf am_a* 
C_mfanv_invalid C_af an^atata C_afanL_D C_af anuffrant 
C_afaj»L.r»t C_af aia_writa C_af anuaddraaaad C_a fan*_hlda_ 
C_a f amjft* C_afam_atata C_afa«_cala_ C.afenul**^- 
C_af am L _mala_ C_afa®_rala_ C_af an*_ardy_ C_afanv_rat 
C_lock_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 
C_aldla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_a_dal c_wrdy C_rrdy 
C_parity C_aourca C_data_ in C_aizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

m C_aizawrba"; ; 

let C_iad_outS * naw__racuraiva_daf inition 
falaa 

cc_atata 
'C_iad_outS ' 

"C_iad_outs (CCStata c_mf aift_atata C_mf am_ardy__an C_mfam_D C_mf im_grant 
C_mf »m_rat C_mfam_buay c_mf aa^writa C_mf am_crqt_ 
r_mf«m_hnld c_mf am_laa t_ C_mf an^_lock_ C_mf am_aa 
C_mf an^invalid C_af an^atata c_afam_D C_afam_grant 
C_af an^_rat C_afam_writa C_af an*_*ddraaaad C_af am_^lda_ 
C_afam^ma C_af an\_atata C_af an^cala_ C_afam_laat_ 
C_afam_mala_ C_afam_rala_ C_afam_ardy_ C_afam_«t 
C_lock_in_ C_laat_in_ C_aa C_elkA C_laat_out_ 
C_aidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_a_dal C_wrdy C_rrdy 
C_parity C_aourca C_data_in C_ai*awrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

* C_iad_out " ; / 

let C_alaOS ■ naw_racuraiva_daf inition 
falaa 
cc_atata 
/ C_alaOS J 
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"C_alaOS (CCStata C_mf an^atata C_mf aHU»rdy_an C_mf am_D C_mfam_grant 

C_mf am^rat C_mf #®_buay C_mf •m.writa C_jnf *m^cTqt_ 

C_mf «in_hold_ C_mf •m L _la*t_ C_mf »m_loc)c_ C_mf am_«» 

C_m£ am,_invalid C_af an*_at*ta C_afaBL_I> C_a f an*_gr ant 
C_afanurat C_af am_writa C_*f am_addra»aad C_af anuhlda_ 
C_afart_m* C_afan*_atata C_afam_cala_ C_af a»L.l*»t_ 

C_af aitu»al«_ C_af amoral a_ C_af aH*_»rdy_ C_afain_rat 
C_lock_in_ C__laat_in_ C_aa C_clkA C_laat_out_ 
C_aidla_dal C_inrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_a_dal C_wrdy C_rrdy 
C_parity C_aourca C_data_in C_aizawrba Cjlad_out 
C_alaO C_a3a2 C_iad_in C_wr) 

* C_alaO w ; ; 

lat C_a3a2S * naw_racuraiva_daff ini t ion 
falaa 
cc_atata 
'C_a3a2S ' 

"C__a3a2S (CCStata C_mf anuatata C_mf anuardy_an C_mf anuD C_mf anugrant 

C_m£am_rat C_m£ anubuay C_mf am_writa C_m£am_crqt_ 
C_m£am_hold_ C_jnf am^laat_ C_m£am_lock_ C_mfam_»a 
C_mfaxn_ invalid C_a£anu»tata C_afam_D C_af a8L_Sfrant 
C_afanL_rat C_af anuwrita C_sf anuaddraaaad C_a£anuhlda__ 
C_a£anL_aa C_af am^atata C_ a£am_cala_ C_afa«_laat_ 
C_afam^aala_ C_af antral C_af a«*_ardy_ C_afan*_rat 
C_lock_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 
C_aidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_jnrdy_dal_ C_iad_an^a_dal C_wrdy C_rrdy 
C_parity C_aourca C_data_in C_aizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_vr) 

* C_a3a2 " ; ; 

lat C_iad_inS * naw_racuraiva_da£inition 
falaa 
cc_atata 
‘ C_iad_inS • 

"C_iad_inS (CCStata C_mfam_atata C_mf an*_»rdy__an C_mf mmJD C_mf am_grant 

c_nfam L _rat C _mf a»_buay C_jaf am^writa C_mf am L _crqt_ 

C_m£ anUtold_ C_mf am_i*at_ C_m£an\_lock_ C_jaf am_*« 

C_mf am^invalid c_af anu^tata c_afanL_D C_afain_grant 
C_afan*_rat C_a£am_writa c_af am_addraaaad c_afam L _hlda_ 
C_afanL_ma c_af am^atata C_af anneal a_ C_af az*_laat_ 

C_a£ am L jmala_ C_af a»L_rala_ C_af am_ardy_ C_afain_rat 
C_lock_in_ C_laat_in_ C_aa C_clkA C_laat_out_ 
C_aidla_dal C_mrqt_dal C_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_iad_an_a_dal C_wrdy C_rrdy 
C_parity C_aourca c_data_in C_aizawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wr ) 

* C_iad_in" ; ; 

lat C_wrS ■ naw_racuraiva_daf inltion 
falaa 
cc_ atata 
' C_wr S ' 

"C_wrS (CCStata C_mf *m_atata C_mf am_ardy_an c_mfa«*_D c_mf a m g rant 

C_mf an\_rat C_m£am_buay C_mf anuwrita C_mf aia_crqt_ 

C_mf anubold_ C_m£an\_laat_ Cjnf a«*_lock_ C_jnf am_a» 
C_mfam_ invalid C_afam_atata C_afam_D C a f a m g rant 
C_afam_rat C_af an^writa C_af am^addraaaad C_afam_hlda_ 
C_afam_ma C_afam^atata C_af aw_cala_ C_afaa*_laat_ 

C_af anL_n*ala_ C_af anL.^ala_ C_af a^_ardy_ C^afan^rat 
C_lock_in_ C_laat_in_ C_aa C_clkA C_ laat_out_ 
C_aidla_dal C_mrqt_dal c_hold_ C_cout_0_la_dal 
C_cin_2_la C_mrdy_dal_ C_i ad_an_a_da 1 C_wrdy C_rrdy 
C_parity C_aourca C_dat a_in C_alzawrba C_iad_out 
C_alaO C_a3a2 C_iad_in C_wx) 


lat Stata_CASZS * 

prova_caaaa_thm (prova_induction_thm cc_atata) ; / 
lat CCStata_Salactora_Work * prova_thm 
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( 'CCStata_Salactors_Wor)c' , 

"\ a:cc_atata . 

a = (CCStata (C_m£am_atataS a) (C_m£am_ardy_anS a) {C_m£am_DS a) 

(C_mfam_ff rants a) (C_mf a merits a) (C_mf aiiLbuayS a) 

(C_mf anuwritaS a) ( C_mf am_crqt_S a) ( C_mf am_bold_S a) 
(C_m£am_la»t_S a) (C_mf ain^lock_S a) (C_m£am_aaS a) 

(C_m£anu invalids a) (C_a£ain_atataS a) (C_afam_DS a) 
(C_a£sm_grantS a) { C_a Camera tS a) (C_a£anL_writaS a) 
(C_afam_addraaaadS a) ( C_a £ em_hlda_S a) (C_afam_maS a) 

( c_a f sm_a tat aS a) (C_a£anv_cala_S a) (C_af anL.laat_S a) 
(C_afam_mala_S a) (C_af a®_rala_S a) (C_a£am_ardy_S-a) 
(C_a£am_ratS a) ( C_lock_in_S a) (C_laat_in_S a) {C_aaS a) 
(C_clkAS a) (C_laat_out_S a) (C_aidla_dal S a) (C_mrqt_dalS a) 
(C_hold_S a) (C_cout_0_la_dalS a) (C_cin_2_laS a) 

( C_mrdy_dal_S a) (C_iad_an_a_dalS a) (C_wrdyS a) <C_rrdyS a) 
(C_parityS a) (C_aourcaS a) (C_data_inS a) (C_aizawrbaS a) 
(C_iad_outS a) (C_alaOS a) (C_a3a2S a) (C_iad_inS a) 

(C_wrS a) > ", 

GEN_TAC 

THEN STRUCT_CASES_TAC (SPEC "a : cc_atata w Stata_CASES) 

THEN REWRITE_TAC [C_mf am_atataS / C_mf sm_ardy_anS ; C_m£ am_DS ; C_m£am_ff rantS; 

C_mf am_ratS; C_mf am_buayS; C_mf anuwritaS; C_m£ am_crqt _S ; 

C_mf am_hold_S; C_m£am_laat_S ; C_mf am_lock_S ; C_mf am_aaS; 

C_mfam_ invalids; C_af am_atataS j C_afan\_DS; C_a£ain_grantS; 

C_af anuratS; C_af am_writaS; C_*tBT*_±ddrm*9*&Sj 

C_a f anj^hlda_S ; C_a£am_maS; C_af am_*tataS/ C_af anneal a_S; 

C_af am_laat_S; C_af am_mala_S ; C_a£ain^rala_S/ 

C_af am^ardy_S ; C_a£am l _ratS; C_lock_in__S / C_laat_in_S; 

C_aaS; C_clkAS ; C_laat_out_S; C_aidla_dalS; C_mrqt_delS; 

C_hold_S ; C_cout_0_la_dalS ; C_cin_2_laS; C_mrdy_dal_S ; 

C_iad_an_a_dalS; C_wrdyS; C.rrdyS; C_parityS; C_aourcaS; 

C__data_inS; C_ai*awrbaS; C_lad__outS; C_alaOS; C_a3a2S; 

C_iad_inS; C_wrS] 


% 

Abatract data typa Cor tha anvironmant . 




lat cc_anv ■ 

dafina_typa 'cc_«nv' 

' cc_anv * CCBnv wordniwordn wordniwordn bool#bool boolibool 

booltbool bool#bool boolibool boolibool boolibool 
bool#bool boolibool wordniwordn wordniwordn 
wordniwordn wordniwordn boolibool boolibool 
wordniwordn wordniwordn boolibool boolibool 
wordniwordn boolibool ' ; ; 

let I_ad_inE * naw_racuraiva_daf inition 
falaa 
cc_anv 
* I_ad_inB ' 

"I_*d_inE (CCBnv I_ad_in I_ba_in_ I_mrdy_in_ I_rala_in_ I_mala_in_ 

I_laat_in_ I_ardy_in_ I_lock_ I_cala_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ma_in CB_aa_in Rat ClkD Id ChannallD 
Pram_£ailura Piu_invalid Ccr Raaat_arror) 

s I_ad_in M ; ; 

let I_ba_in_K * naw_racuraiva_da£ inition 
Calaa 
cc_anv 
' I_be_in_K ' 

"I_ba_in_B (CCBnv i_ad_in I_ba_in_ I_mrdy_in_ I_rala_in_ I_mala_in_ 

I_laat_in_ I_ardy_in_ I_locJc_ I_cala_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ma_in CB_aa_in Rat ClkD Id ChannallD 
Pnuq_f ailura Piu_invalid Ccr Raaat_arror) 

• I_ba_in_" ; ; 

lat I_mrdy_in_E = naw_racuraiva_daC inition 
Calaa 
cc_anv 

' I_mrdy_in_E ' 
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"I_mrdy_in_B (CCEnv I_ad_in I_ba_in_ I_mrdy_in_ I_rala_in_ I_mala_in_ 
I_la»t_in_ I_»rdy_in_ I_lock_ I_cala_ l_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ms_in CB_ss_in Rat ClkD Id ChannallD 
Pram^f ailura Piu_invalid Ccr Rasat_arror) 

= I_mrdy_in_" ; / 


lat I_rala_in_B « naw_racursiva_daf Inition 
falsa 
cc_anv 

'I_rala_in_E ' 

"I_rala_in_B (CCBnv I_ad_in I_ba_in_ I_mrdy_in_ I_rala_in_ I_mara_ln__ 
I_la«t_tn__ I_ardy_in_ I_lock_ I_cala__ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_m*_in CB_»»_in Rat ClkD Id ChannallD 
Pinm_failura Piu_invalid Ccr Raaat_arror) 

= I_rala_in_" ; ; 

l«t I_mala_in_E = naw_racursiva_daf ini t ion 
falsa 
cc_anv 

/ I_mala_in_B ' 

"I_mala_in_E (CCBnv I_ad_in I_ba_in_ I_mrdy_in_ I_rala_in_ I_mala_in_ 
I_laat_in_ I_*rdy_in__ I_lock_ I_cala_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ma_in CB_ss_in Rst ClkD Id ChannallD 
Pnnn_f ailura Piu_invalid Ccr Rasat_arror) 

« I_mala_in_" ; / 

lat I_last_in_B » naw_racur»iva_daf inition 
falsa 
cc_anv 

' I_la*t_in_B ' 

«I_laat_in_E (CCBnv I_ad_in I _ba_in_ I_mrdy_in_ I_rala_ln_ I_mala_in_ 
I_last_in_ I_srdy_in_ I_lock_ I_cala_ I_hlda_ I_crqt_ 
CB_rqt_ln_ CB_ad^in CB„ms_in CB_ss_in Rst ClkD Id ChannallD 
Pmm_f ailura Piu_invalid Ccr Rasat_arror) 

■ I_laat_in_" ; / 

lat I_srdy_in_B * naw_racursiva_daf inition 
falsa 
cc_anv 

' I_srdy_in_E ' 

"I_»rdy_in_E (CCBnv I_ad_in I_ba_ln_ I_mrdy_in_ I_rala_in_ I_mala_in_ 
I_last_in_ I_*rdy_in_ I_lock_ I_cala_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ms_in CB_ss_in Rst ClkD Id ChannallD 
Pimn_f ailura Piu_invalid Ccr Rasat_arror) 

■ I_*rdy_in__" / ; 

lat I__lock_B ■ naw_racur»±va_daf inition 
falsa 
cc_anv 
' I_lock_B ' 

*I_lock_B (CCBnv I_ad_in I_ba_in_ I_mrdy_in_ I_rala_in_ I_mala_in_ 

I_last_in__ I_srdy_in_ I_lock_ I_cala_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ms_in CB_ss_in Rst ClkD Id ChannallD 
Pxan_f ailura Piu_invalid Ccr Rasat__arror ) 

* I_lock_ w ; ; 

lat I_cala_B * naw_racursiva_daf inition 
falsa 

cc_anv 
' I_cala_B ' 

*I_cala_B (CCBnv I_ad_in I_ba_in_ I_mrdy_in_ I_rala_in_ I_mala_in_ 

I_last_in_ I_srdy_in_ I_lock__ I_cala_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ms_in CB_ss__in Rst ClkD Id ChannallD 
PniD^f ailura Piu_invalid Ccr Rasat_arror) 

■ I_cala_" / j 

lat I_hlda_B * naw_racursiva_daf inition 
falsa 
cc_anv 
' I_hlda_B * 

"I_hlda_B (CCBnv I_ad_in I_ba_in_ I_mrdy_in_ I_rala_in_ I_mala_in_ 

I_last_in_ I_srdy_in_ I_lock_ I_cala_ I_hlda_ I_crqt_ 
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« I_hlda_ w ; ; 


CB_rqt_in_ CB_ad_in CB_ms_in CB_ss_in Rat ClkD Id ChannellD 
Pmxn_f ailure Piu_invalid Ccr Reset_error) 


let I_crqt_B * new_recursive_def inition 
falsa 
cc_inv 
* I_crqt_B ' 

"I_crqt_B ( CCBnv I_ad_in I_bs_in_ I_mrdy_in_ I_rals_in_ I_male_in_ 

I_last_in_ I_srdy_in_ I_loc)c_ I_cale_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ms_ln CB_ss_in Rst ClkD ~Id ChannellD 
Piran_f ailure Piu_invalid Ccr Reset_error) 

= I_crqt_" ; ; 

let CB_rqt_in_B = new_recursive_def inition 
false 
cc_env 

' CB_rqt_in_B ' 

"CB_rqt_in_B (CCBnv I_ad_in I_be_in_ I_mrdy_in„ I_rale_in_ I_male_in_ 
I_last_in_ I_srdy_in_ I_lock_ I_cale_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ms_in CB__ss_in Rst ClkD Id ChannslID 
Pmm_f^ilure P±u_invalid Ccr Reset_error) 

= CB_rqt_in_" ; ; 

let CB_ad_inB * new_re curs ive_def inition 
false 
cc_env 
'CB_ad_inB ' 

*CB_ad_inB (CCBnv I_ad_in I_be_in_ I_mrdy_in_ I_rale_in_ I_male_in_ 

I_last_in_ I_srdy_in_ I_lock_ I_cale_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ms_in CB_ss_in Rst ClkD Id ChannellD 
Pinm_f ailure Piu_invalid Ccr Reset_error) 

= CB_ad_in" ; ? 

let CB_ms_inB * new_recursive_def inition 
false 
cc_env 
' CB_ms_inB ' 

"CB_ms_inK (CCBnv I_ad_in I_be_in_ I_mrdy_in_ I_rale_in_ I_male_in_ 

I_last_in_ I_srdy_in_ I_lock_ I_cale_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ms_in CB_ss_in Rst ClkD Id ChannellD 
pmm_failure Piu_invalid Ccr Reset_srror) 

s CB_ms_in"; ; 

let CB_ss_inB « new_re cur sive_def inition 
false 
cc_env 
• CB_sa_inB * 

"CB_ss_inB (CCBnv I_ad_in I_be_in_ I_mrdy_in_ I_rale_in_ I_male_in_ 

I_last_in_ I_srdy_in_ I_lock_ I_cale_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ns_in CB_ss_in Rst ClkD Id ChannellD 
Pram_f ailure Piu_invalid Ccr Reset_error) 

« CB_ss_in"/? 

let RstB ■ new_re curs ive_def inition 
false 
cc_env 
'RstB' 

"RstB (CCBnv I_ad_in I_be_in_ I_mrdy_in_ I_rale_in_ I_male_in_ 

I_last_in_ I_srdy_in_ I_lock_ I_cale_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_m*_in CB_ss_in Rst ClkD Id ChannellD 
Pmnuf ailure Piu_invalid Ccr Reset_error} 

* Rst";? 

let ClkDB = new_recursive_def inition 
false 
cc_env 
'ClkDB ' 

"ClkDB (CCBnv I_ad_in I_ba_in_ I_mrdy_in_ I_rale_in_ I_male_in_ 

I_las t_in__ I_srdy_in_ I_lock_ I_cale_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ms_in CB_ss_in Rst ClkD Id ChannellD 
Pxtun^f ailure Piu_invalid Ccr Reset_error) 
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ClkD"; ; 


lat IdB « naw_ra cur siva_daf inition 
falsa 
cc_anv 
' IdB * 

"IdB { CCBnv I_ad_in I_ba_in_ I_mrdy_in_ I_rala_in_ I_mala_in_ 

I_la*t_in_ I_srdy_in_ I_lock_ I_cala_ I__hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ms_in CB_s»_in Rst ClkD Id ChannallD 
Pnnn_f ailura Piu_invalid Ccr Ra«at_arror) 

» Id"; ; 

let ChannallDB * naw_recursiva_daf inition 
falsa 
cc_anv 
' ChannallDB ' 

"ChannallDB (CCBnv I_ad_±n I_ba_in_ I_mrdy__in_ I_rala_ln_ I_mala_in_ 
I_last_in_ I_srdy_in_ I_lock_ I_cala_ I_hlda_ I_crqt_ 
CB_rqt_in__ CB_ad_in CB_ms_in CB_ss_in Rst ClkD Id ChannallD 
Pmm_f ailura Piu_invalid Ccr Rasat_arror) 

- ChannallD"; ; 

lat Pxnm^f alluraB * naw_r a cur siva_daf inition 
falsa 
cc_anv 

' Pmm_f ailuraB ' 

"Pmm_f ailuraH (CCBnv I_ad_in I_ba_ln_ I_mrdy_in_ I_rala_in_ I_mala_in_ 
I_la«t_in_ I_srdy_ln_ I_lock_ I_cala_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ms_in CB_ss_in Rst ClkD Id ChannallD 
Pzanuf &ilura Piu_invalid Ccr Rasat_arror) 

* Pinm_f ailura" ; ; 

lat Piu_invalidB * naw_racursiva_daf inition 
falsa 
cc_anv 

'Piu_invalidE' 

" P iu_inva 1 i dB (CCBnv l_ad_in I _ba_in_ I _jnrdy_in_ I_rala_in_ I_mala__in_ 
I_la»t_in_ I_srdy_in_ I_lock_ I_cala_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ma_in CB_ss_in Rat ClkD Id ChannallD 
Pmsn_f allura Piu_invalid Ccr Rasat_arror) 

= Piu_invalid" ; ; 

lat CcrB ■ naw_racursiva_daf inition 
falsa 

cc_anv 
' CcrB ' 

"CcrB (CCBnv I_ad_in I_ba_in_ I_mrdy_in_ I_rala_in_ I_mala_in_ 

I_last_in_ I_srdy_in_ I_lock_ I_cala_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_m»_in CB_ss_in Rst ClkD Id ChannallD 
Pinm_£ ailura Piu_invalid Ccr Rasat__arror) 

m Ccr";; 

lat Rasat_arrorB = naw_racurslva_daf inition 
falsa 
cc_anv 

'Rasat_arrorB ' 

"Rasat_arrorB (CCBnv I_ad_in I_ba_in_ I_mrdy_in_ I_rala_in_ I_mala_in_ 
I_last_in_ l_srdy_in_ I_lock_ I_cala_ I_hlda_ I_crqt_ 
CB_rqt_in_ CB_ad_in CB_ms_in CB_sa_in Rst ClkD Id ChannallD 
Pinnv_f ailura Piu_invalid Ccr Raiat.arror) 

• Rasat_arror"/ ; 

lat Bnv_CASBS - 

prova_casa»_thm (prova_induction_thm cc_anv) ; ; 

lat CCBnv_Salactors_Work * prova_thm 
( 'CCBnv_Salactors_Work ' , 

" ! a : cc_anv * 

a a (CCBnv ( I_ad_inB a) ( I_ba_in_B a) ( I_mrdy_in_B a) (I_rala_in_B a) 

( I_mala_in_B a) (I_last_in^B a) (I_srdy_in_E a) (I_lock_E a) 

( I_cala_B a) (I_hlda_B a) ( I_crqt_B a) ( CB„rqt_in_B a) 

(CB_ad_inB a) (CB_ms_inB a) (CB_ss_inB a) (RstB a) (ClkDB a) 
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(IdB •) (Channel IDE •) ( ?ram_t ailuraE •) ( piu_invalidE a) (CcrB •) 
(Raset_arrorB a)) w , 

OBN_TAC 

THEN STRUCT_CASBS_TAC (SPEC **• i cc_tnv" Bnv_CASBS) 

THEN RBWRITE_TAC [I_ad_inE ; I_ba_in_B; I_mrdy_in_E / I„rala_in_E; 

I_male_in_B; I_last_in_B/ I_s rdy_in_K / I_lock_B; I_cala_Bj 
I_hlda_B / I_crqt_E/ CB_rqt_in_K; CB_ad_inE; CB_ms_inB/ 
CB_ss_inB; RstB; ClfcDE; XdEi Channel IDE; Pmn^f alluraB ? 
Piu_invalidB; CcrB; Rasat_arrorB] 

) / ; 


% 

Abstract data type for tha output. 


% 


lat cc_out = 

daf ina_type ' cc_out ' 

* cc out « ccout bool# bool wire#wire bool# bool wirefwire wiretwire 

wire#wira wira#wira busn#busn busntbusn 
bool# bool wo rdn#wordn wordn#wordn busntbusn 
wordn#wordn bool# bool bool#bool ' ; / 


lat l_cgnt_0 * new_racursive_def inition 
falsa 
cc_out 
' l_cgnt_0 ' 

«X_cgnt_0 ( CCOut I_cgnt_ I_mrdy_out_ I_hold_ I_rala_out_ I_mala_out_ 

I_last_out_ I_srdy_out_ I_ad_out I_be_out_ CB_rqt_out_ 
CB_ms_out CB_ss_out CB_ad_out C_ss_out Disabla_writes 
CB_parity) 

* I_cgnt_" ; ; 

lat I_mrdy_out_0 * new_recursive_def inition 
falsa 
cc_out 

' l_mrdy_out_0 ' 

"l_mrdy_out_0 (CCOut I__cgnt_ I_mrdy_out_ I_hold_ I_rale_out_ I_mala_out_ 
I_last_out_ I_srdy_out_ I_ad_out I_be_out_ CB_rgt_out_ 
CB_ms_out CB_ss_out CB_ad_out C_ss_out Diaable_writes 
CB__parity) 

= I _mr dy _ou t _ " ; ; 

lat l_hold_0 = new_recursive_def inition 
falsa 
cc_out 
' l_hold_0 ' 

«I_hold_0 (CCOut I_cgnt_ I_mrdy_out_ I_hold_ I_rala_out_ I_mala_out__ 

I_last_out_ I_srdy_out_ I_ad_out I_ba_out_ CB_rgt_out_ 
CB_ms_out CB_ss_out CB_ad_out C_ss_out Disable_wr it as 
CB_parity) 

■ I_hold _" i i 

lat l_rale_out_0 = new_recursive_def inition 
falsa 
cc_out 

' l_rale_out_0 ' 

« l_rala_out_0 (CCOut I_cgnt_ I_mrdy_out_ I_hold_ I_rala_out_ I_mala_out_ 
I_last_out_ I_srdy_out_ I_ad_out I_ba_out_ CB_rqt_out_ 
CB_ms_out CB_ss_out CB_ad_out C_ss_out Disabla_writas 
CB_parity) 

* I_rala_out_" ; ; 

lat l_male_out_0 * naw_racursiva_daf inition 

falsa 

cc_out 

' l_mala_out_0 ' 

-l_mala_out_0 (CCOut I_cgnt_ I_mrdy_out_ I_hold_ I_rala_out_ I_mala_out_ 
X_last_out_ i_srdy_out_ I_ad_out I_ba_out_ CB_rqt_out_ 
CB_ms_out CB_ss_out CB_ad_out C_ss_out Disabla_writas 
CB_parity) 
s* I_mala_out_ w ; ; 
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lat l_last_out_0 = naw_racursiva_daf inition 
falsa 
cc_out 

' l_last_out_0 ' 

"I.last.out.O (CCOut I_cgnt_ I_mrdy_out_ I_hold_ I_rala_out_ I_mala_out_ 
I_la»t_out_ I_srdy_out_ I_ad_out I_ba_out_ CB_rqt_out_ 
CB.ms.out CB_ss_out CB_ad_out C_ss_out Disabla.writas 
CB_parity) 

» I_laat_out_" ; / 

lat l_srdy_out_0 * naw_racursiva_daf inition 
falsa 
cc_out 

' l_srdy_out_0 • 

"I_srdy_out _0 (CCOut I_cgnt_ I_mrdy_out_ I_hold_ I_rals_out_ I_mals_out_ 
I_last_out_ I_srdy_out_ I_ad_out I_ba_out_ CB_rqt_out_ 
CB_m*_out CB_ss_out CB_ad_out C.sa.out Dis abla.wri t as 
CB_parity) 

* I_srdy_out_" ; ; 

lat I.ad.outO * na w.ra cur siva.daf inition 
falsa 
cc_out 
' I_ad_outO * 

"I_ad_outO (CCOut I_cgnt_ I_mrdy_out_ I.hold. I_rala_out_ I_mala_out_ 
I_last_out__ I_srdy_out_ I_ad_out I_ba_out_ CB_rqt_out_ 
CB_ms_out CB_ss_out CB_ad_out C_si_out Disabla.writas 
CB__parity) 

« I_ad_out " ; ; 

lat l_ba_out_0 ■ naw_ra curs iva.daf inition 
falsa 

cc_out 
' l_ba_out_0 ' 

*I_ba_out _0 (CCOut I_cgnt_ I_mrdy_out_ I_hold_ I_rala_out_ I_mala_out_ 
I_last__out_ I.srdy_out_ I_ad_out I_ba_out_ CB_rqt_out_ 
CB_ma_out CB.ss.out CB_ad_out C.ss.out Disabla.writas 
CB_parity) 

* I_ba_out_" ; ? 

lat CB.rqt.out.O * naw_r« curs iva.daf ini t ion 

falsa 

cc_out 

'CB_rqt_out_ 0 ' 

"CB_rqt_out _0 (CCOut I_cgnt_ I_mrdy_out_ I_hold_ I_rala_out_ I_male_out_ 
I_last_out_ I_srdy_out_ I_ad_out I_ba_out_ CB_rqt_out_ 
CB_m*_out CB_ss_out CB_ad_out C_ss_out Disabla.writas 
CB_parity) 

« CB_rqt_out_" ; ? 

lat CB_ms_outo - naw.racursiva.daf ini t ion 
falsa 

cc_out 
'CB_ms„outO ' 

"CB.ms.outO (CCOut I_cgnt_ I_mrdy_out_ I_hold_ I_rala_out_ I_mals_out_ 
I_last_out_ I_srdy_out_ I_ad_out I_ba_out_ CB_rqt_out_ 

CB _ms_out CB_ss_out CB_ad_out C_ss_out Disabla_writas 
CB .parity) 

■ CB_ms_out " / ; 

lat CB s s.outo = naw_racursiva_daf inition 

falsa 
cc.out 
'CB_ss_outO ' 

"CB_ss_outo (CCOut I_cgnt_ l_mrdy_out_ I_hold_ I_rala_out_ I_mala_out_ 
I_last_out_ I_ardy_out_ I_ad_out I_ba_out_ CB_rqt_out_ 
CB_ms_out CB_ss_out CB_ad_out C_ss_out Disabla.writas 
CB_parity) 

* CB_ss_out 7 

lat CB_ad_outO * naw_racursiva_daf inition 

falsa 
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cc_out 
' CB_ad_outO ' 

"CB_ad_outO (CCOut I_cgnt_ I_mrdy__out_ I_hold_ I_ral*_out_ I_mal*_out_ 
I_laat_out_ I_ardy_out_ I_ad_out I_be_out_ CB_rqt_out_ 
CB_ma_out CB_*a_out CB_ad_out C_ea_out Di*abl*_write* 
CB_parity) 

* CB_ad_out * / / 

let C_**_outO * n*w_recuraiv*_def inition 
f ala* 
cc__out 
'C_a*_outO ' 

*C_a*_outO (CCOut I_cgnt_ I_mrdy_out_ I_hold_ I_ral*_out_ I_mal*_out_ 
I_laat_out_ I_*rdy_out_ I_ad_out I_b*„out_ CB_rqt_out_ 
CB_m*_out CB_aa_out CB_ad_out C_aa_out Diaabl*_writ*a 
CB_parity) 

a C_is_out” ; ; 

l*t Di*abl*_writ*aO * n*w_r*cur a iv*_d*f inition 
f ala* 
cc_out 

'Diaable^writeaO * 

< 'Diaabl*_writ*aO (CCOut I_cgnt_ I_mrdy_out_ I_hold_ I_ral*_out_ X_mal*_out_ 
I_laa t_out_ I_a rdy_out_ I_ad_out I_b*_out_ CB_rqt_out_ 
CB_m*_out CB_**_out CB_ad_out C_aa_out Di*abl*_writ*a 
CB_parlty) 

* Diaabl*_writ*a" / ; 

l*t CB_parityO « n* w_r*cur a iv*_d*f inition 
f ala* 
cc_out 
'CB_parityO ' 

*CB_parltyO (CCOut I_cgnt_ I_mrdy_out_ I_hold_ I_ral*_out_ I_mal*_out__ 
I_la#t_out_ I_ardy_out_ l_ad_out I_b*_out_ CB_rqt_out_ 
CB_ma_out CB_aa_out CB_ad_out C_aa_out Diaabl*_writ*a 
CB_parity) 

* CB_parity" j } 

let Out_CASBS *= 

prov*_ca*e*_thm (prov*_ indue tion_thm cc_out) ; ; 

let CCOut _S*l*ctor*_Work ■ prov*_thm 
( ' CCOut _S*l*c tor a_Work * , 

"! picc_out . 

p • (CCOut (l_cgnt_0 p) ( l_mrdy_out_0 p) (l_hold_0 p) ( l_ral*_out_0 p) 

( i_mal*_out_0 p) (l__la*t_out_0 p) ( I_ardy_out_0 p) (I_ad_outO p) 
(l_b*_out_0 p) (CB_rqt_out_0 p) (CB_ma_outO p) (CB_aa_outO p) 
(CB_ad_outO p) (C_a»_outO p) (Diaabl*_writ*aO p) (CB_parityO p)) w , 

QBN_TAC 

THEN S TRUC T_C ASB S_T AC (SPEC “p i cc_OUt" Out_CASBS) 

THEN RBWRITB_TAC [l_cgnt_0; l_mrdy_out_0; l_hold_0; l_ral*_out_0 ; 

l_mal*_out_0 ; l_la*t_out_0? I_ardy_out_Oj I_ad_outO; 
l_b*_out_0 / CB_rqt_out_0; CB_tt*_outO/ CB_aa_outO; 
CB_ad_outO; C_a#_outO; Dl#abl*_writ*aO/ CB_parityO] 

)// 

cloa*_th*ory( ) ; / 


% 


Fil* i cblock_d*f . ml 

Author: (c) D . A. Fura 1992-93 

Dat*: 3 March 1993 

Thia fil* contain* th* ml aourc* for th* gate-level ap*cif ication of th* 
C-Port of th* FTBP PIU, an ASIC d*v*lop*d by th* Bmb*dd*d Proceaeing 
Laboratory, Boeing High Technology Center. 
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% 


aat_aaarch_path (aaarch_path( ) 0 [ ' /homa/alvia6/dfura/f tap/piu/hol/cport/ • ; 

' /homa/alvia6/dfura/ftap/piu/hol/lib/ ' ; 

' /homa/alvia6/dfura/hol/Library/aba_thaory / ' 7 
' /homa/alvia6/d£ura/hol/ml/ ' ; 

' /homa /alvia 6 /dfura /hoi /Library/ toola/ ' 

] )/7 


aat_flag ( 'timing' , trua) / ; 
ays tain 'rm cblock_daf . th' 7 7 
naw_thaory 4 cblocfc_daf ' 7 ; 
loadf 'aba_thaory' 7 7 
loadf 'aux_dafa / 7 ; 

nap naw_parant [ ' count ar »_daf • 7 ' caux_daf ' 7 ' wordn_daf ' 7 • array_daf ' / ' inaq ' ] 7 ; 
map load__parant [ 'piuaux_daf ' 7 'gataa_daf 1 ' 7 ' latchaa_daf ' / ' f f »_daf ' ; ' cf ama_daf ' ] ; ; 


lat MSTART « "WORDN 2 4";/ 
lat MEND - -WORDN 2 5-77 
lat MRDY - -WORDN 2 6-/7 
lat MWAIT * -WORDN 2 7-77 
lat MABORT « -WORDN 2 0 - 7 / 

lat SACK « -WORDN 2 5-77 
lat SRDY * -WORDN 2 6-/7 
lat SWAIT » -WORDN 2 7-77 
lat SABORT * -WORDN 2 0 -; 7 

lat RBF_ty « aba_typa_inf o (thaoram 'piuaux_daf' 'RBP')/7 

% 

Input logic for C_laat_in_ flip-flop. 

% 


lat Laat_Logic_GATK ■ naw_daf inition 
( ' Laat_Logic_OATK ' , 

-I (rat clkD mfam_mdl mf am^mabort laat_in_inE t tina->bool#bool) . 
Laat_Logic_GATE rat clkD mf anumdl mf anv_mabort laat_in_inB ■ 
l titima . 


laat_in_inS t * 

{ (Aflaltrat t) \/ 

(ASal(clkD t) /\ ASa 1 ( mf am_mdl t)) \/ 

ASal (mf am_mabort t) ) , 

(BSaKrat t) \/ 

(BSal (clkD t) /\ BSal(mfam_mdl t)) \/ 
BSal(mf am_mabort t)))- 


% 

Input logic for C_laat_out_ latch. 

% 


lat Hold_Logic_OATB * naw.daf inition 
{ ' Hold_Logic_OATE ' , 

-I (cb_ma : tima->wordn#wordn) 

(clkD afanuaal laat_out_inS laat_out_inR laat_out_inB : t ima -> bool# bool ) . 

Hold_Logic__OATB cb_ma clkD afam_aal laat_out_inS laat_out_inR laat_out_inB 
1 titima . 

( ( ASal (af am_aal t) ) , 


(laat_out_inS t - 
(laat_out_inR t ■ 
( (ASal(clkD t) 


(BSal ( af am_aal t)))) /\ 


/\ 


( (ASal (cb_ma 
(ASal (cb_ma 
(BSaKclkD t) /\ ( (BSal (cb_ma 
(BSaKcbjna 
( laat_out_inE t ■ ( (ASal (laat_out_inS t) 
( BSal ( laa t_out_inS t) 


t) 

t) 

t) 

t) 


A MBND) \/ 

A MABORT} ) ) , 

A MBND) \/ 

A MABORT) ) ) ) ) /\ 

\/ ASal(laat_out_inR t)), 

\/ BSal ( laat_out_inR t))))- 
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)/; 


% 

Generation logic for cout_ael aignal. 


let Cout_Sel_Logic_GATB ■ n«w_daf ini t ion 
( ' Cout_Sel_Logic_GATB ' , 

" ; ( a f »m_a_cout_aelO mf am,_ii^_cout_aell mf am_A_cout_selO x tima->bool#bool) 

(afam_adO efam^adl s time->bool#bool ) 

(cout_ael : t ima - >wordn#wordn ) 

Cout_Sel_Logic_GATB af am_a_cout_aelO mf •m_m_cout_*all mf am_m_cout_aelO 
■ f an*_adO afam_adl cout_ael ■ 


1 t:tima . 


cout_ael t * 

( { (ASal (af am_»dO t) \/ 

— > (lat aO * (ALTER 

in (ALTER 

| (lat aO * (ALTER 

in (ALTER 

( (BSal (af am_adO t) \/ 
*> (lat bO * (ALTER 

in (ALTER 

| (lat bO - (ALTER 

in (ALTER 


ASal (afam_adl t ) ) 

ARBN 0 (ASal (af am_»_cout_aelO t ) ) ) 
aO IP)) 

ARBN 0 (ASal (mf am_m_cout_aalO t))) 
aO 1 (ASal (mf anuTO-Cou^aall t) ) ) ) ) , 
BSal (af am_adl t ) ) 

ARBN 0 (BSal (af anua_cout_aalO t) ) ) 
bO IF)) 

ARBN 0 (BSal (mf am_m_cout_aalO t))) 
bO 1 (BSal (mf am_m_cout_aell t))))))" 




% 

Generation logic for ardy aignal . 


lat Srdy_In_Logic_QATB * naw_def ini t ion 
{ 'Srdy_In_Logic_OATE' , 

( cb_a a 1 1 ima - > wor dn#wor dn ) (dfam^ardy : tima->bool#bool) . 
Srdy_In_Logic_OATE cb_aa dfam_ardy * 

! titlme . 

dfam_»rdy t « ((ASal(cb_aa t) - A SRDY) , (BSel(cb_ae t) * A SRDY ) ) m 

);; 


% 

Input logic for C_wrdy, C_rrdy latchaa. 


lat Rdy_Logic_OATB * naw_daf inition 
( ' Rdy_Log i c _OATE ' , 

* i (rnfanumdO mfam_mdl clkD write ardy wrdy_inD rrdy_inD t time- > bool# bool ) . 

Rdy_Logic_OATB mf am_nvdO mfam_mdl clAD write ardy wrdy_inD rrdy_inD « 


! 1 1 time . 

(wrdy_inL t * 

( (ASal (ardy 
ASel(clkD 
(BSal (ardy 
BSal (clkD 


t) /\ ASal (write t) 
t) ) , 

t) A BSal (write t) 

t)))) /\ 


/ \ ASal (mf am_mdl t) 
/\ BSal (mf am_mdl t) 


/\ 

/\ 


(rrdy_inD t * 

( (ASal (ardy 
ASal (clkD 
(BSal (ardy 
BSal (clkD 


t) A -ASal (write t) 
t) ) , 

t) A -BSal (write t) 
t))))" 


A ASal (mf am_mdO t) 
A BSal (mf am_mdO t) 


A 

A 


> 7 / 


% 

Generation logic for I_ardy_out_ aignal. 


let ISrdy_Out_Logic_OATB = new_daf inition 
( ' ISrdy_Out_Logic_OATE • , 

"1 (wrdy_outQ rrdy_outQ f am_mabort cale_ ardy_an : t ima -> bool# bool ) 
(iprdy_inB iardy_inB t time->bool#bool) 

ISrdy_Out_Logic_OATE wrdy_outQ rrdy_outQ fanumabort cale_ ardy_en 
iardy_inD iardy_inB * 

! t i time . 

(iardy_inT t * 
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( (- (ASal (wrdy_outQ t) \/ ASal (rrdy_outQ t) \/ ASal (f *ra_niabort t) ) ) , 

(- (BSal (wrdy_outQ t) \/ BSal (rrdy_outQ t) \/ BSal (fsm_mabort t ) ) ) ) > /\ 
(iardy_inE t * 

( { -ASal ( cala_ t) \/ ASal ( ardy_an t)), 

( -BSal ( cala_ t) \/ BSal < ardy_an t)))) w 

)/; 

% 

Ganaration logic for CB«»_out signal. 

% 

lat CBas_Out_Logic_GATB • naw_daf inition 
( 'CBaa_Out_Logic_OATE' , 

"! (afsm_** cbas_out : tima->wordn#wordn) 

(pram^f ailura piu_valid * t im« -> bool# boo 1 ) . 

CB»a_Out_Logic_OATB sfam_sa pon^f ailura piu_valid cbaa_out « 

! titima . 
cbaa_out t * 

((lat al_0 * (HALTER 
ARBN 

(1,0) 

(SUBARRAY (ASal ( af sm_»» t)) (1,0))) 

in (ALTER 

al_0 
(2) 

((ELEMENT (ASal (af am_»» t)) (2)) /\ 

-ASal (pmm_f ailura t) /\ -ASal (piu_valid t) ) ) ) , 

(lat bl_0 * (HALTER 
ARBN 

(1,0) 

(SUBARRAY (BSal (af am_«a t) ) (1,0))) 

in (ALTER 

bl_0 
(2) 

((ELEMENT (BSal (af sm_M t)) (2)) A 

-BSal (pmm_f ailura t) A -BSal (piu_valid t)))))" 

) ;; 

% 

Ganaration logic for CBma_out aignal. 

- -% 

lat CBma_Out_Logic_OATE ■ naw_daf inition 
( ' CBma_Out_Logic_OATB ' , 

*! ( mf an\_ma cbma_out : t ima - > wo r dn# wor dn ) 

(pmm_f ailura piu_valid t t ima->bool#bool) . 

CBma_Out_Logic_OATB mfam.ma pamv_f ailura piu_valid cbma„out * 

1 titima . 
cbma_out t ■ 

((lat al_0 - (MALTER 
ARBN 

(1,0) 

(SUBARRAY (ASal (mf am_ma t)) (1,0))) 

in (ALTER 

al_0 
(2) 

((ELEMENT (ASal (mf an^ma t) ) (2)} A 

-ASal (pmnuf ailura t) A -ASal (piu_valid t)))), 

(lat bl_0 - (MALTER 
ARBN 

(1,0) 

(SUBARRAY (BSal (mf arn^ma t ) ) (1,0))) 

in (ALTER 

bl_0 
(2) 

((ELEMENT {BSal (mf am_ma t) ) (2)) A 

-BSal (pnsa_f ailura t) A -BSal (piu_valid t)))))" 

);; 

% - 

Ganaration logic for cout_l_la signal. 

- - % 
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let Cout_l_Le_Logic_GATE - naw_def inition 
( 'Cout_l_La_Logic_GATE ' , 

«» (df sm_master cout_0_la_dal df sm_cout_l_le cout_l_le i t ima- > bool# bool ) . 
Cout_l_Le_Logic_OATE dfsm_mastar cout_0_le_del df am_cout_: 1_ 1« cout_l_la = 
I titima . 
cout_l_le t * 

( ( (ASal(dfsm_cout_l_la t) /\ -ASal (df an^maatar t)) \/ 

(ASal(df anumaatar t) A ASal (cout_0_la_dal t) ) ) , 

( (BSal(dfam_cout_l_la t) /\ -BSal (df sm_mastar t) ) \/ 

(BSal (df am_mastar t) /\ BSal ( cout_0_la_dal t))))" 

) t ; 


% 

Generation logic for iad_an aignal. 


let Iad_En__Logic_GATE = naw_daf inition 
( ' lad_En_Logic_GATB ' , 

** \ (mf am_iad_an_m af am_iad_an_« iad_an_a_dal iad_an t time->bool#bool) 
Iad_Bn_Logic_GATB mf sm_iad_an_m af am_iad_en_a iad_an_a_del iad_an - 


! titima . 


( ( ASal (mf anuiad_an_m t) \/ 
ASal (af am_iad_an_a t) \/ 
ASal ( iad_en_s_del t ) ) , 
(BSal (mf am_iad_an_m t) \/ 
BSal (af am_iad_en_s t) \/ 
BSal ( iad_an_a_dal t)))" 


) ; ; 


% 

Ganaration logic for c_pa_cnt signal . 


let Pe_Cnt_Logic_GATB * naw_daf inition 
( ' Pe_Cnt_Logic_GATK ' , 

" j (cb_aa_in : t ima - > wordn#vror dn ) 

(clXD af am_aparity mf sm_mparity c_pe_cnt t tima->bool#bool) . 
Pe_Cnt_Logic_GATB clfcD afam_aparity mf sm^mparity cb_aa_in c_pe_cnt = 
! titima . 
c pa cnt t * 

( (ASal ( clfcD t) A 

(- (ASal (afam_aparity t) « ASal (mf sm__mparity t) ) \/ 

((SUBARRAY ( ASal ( cb_aa_in t ) ) (1,0)) * WORDN 2 0))), 

(BSeKclfcD t) A 

(- (BSal (af am_»P*rity t) = BSal (mf am_mparity t) ) \/ 

((SUBARRAY ( BSal ( cb_as_in t)) (1,0)) ■ WORDN 2 0))))" 

) it 


% 

Ganaration logic for c_grant, c_buay signals. 


lat Grant _Logic_GATE ■ naw_daf inition 
( ' Grant_Logic_OATE ' , 

"I (id rqt_ : t ima - > wordntwordn ) (busy grant : time->bool#bool) . 
Grant_Logic_GATE id rqt_ busy grant * 

! tit ima . 


(busy t * 

( (~( (SUBARRAY 
(-( (SUBARRAY 
(grant t * 

( ( ( ( ( SUBARRAY 

( ( ( SUBARRAY 


( ( ( SUBARRAY 


(ASal (rqt_ t)) (3,1)) * WORDN 27)), 

(BSal (rqt_ t)) (3,1)) * WORDN 27)))) A 

(ASeltid t)) (1,0)) * WORDN 1 0) A 

- (ELEMENT (ASal (rqt_ t) ) (0)) ) \/ 

(ASal(id t)) (1,0)) * WORDN 1 1) A 

-(ELEMENT (ASel(rqt_ t) ) (0)) A 

(ELEMENT (ASel(rqt_ t) ) (1)) ) \/ 

(ASal ( id t)) (1,0)) . WORDN 1 2) /\ 

-(ELEMENT (ASal(rqt_ t)) (0)) /\ 

(ELEMENT (ASal (rqt_ t)) (1)) /\ 

(ELEMENT (ASal (rqt_ t ) ) (2)) ) \/ 
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);/ 


( ( (SUBARRAY 


< ( ( (SUBARRAY 
( ( ( SUBARRAY 


( ( (SUBARRAY 


( ( (SUBARRAY 


(ASel (id t>) (1,0) ) « 

- (ZLBMBNT (ASel(rqt_ 
(ZLBMBNT (ASel (rqt_ 
(BLBMBNT (ASel(rqt_ 
(ZLBMBNT (ASel(rqt_ 
(BSel (id t) ) (1,0) ) - 

- (BLBMBNT (BSel (rqt_ 
(BSel (id t)) (1,0) ) . 

- (BLBMBNT (BSel (rqt_ 
(BLBMBNT (BSel(rqt_ 
(BSel ( id t) ) (1,0) ) - 

-(BLBMBNT (BSel (rqt_ 
(BLBMBNT (BSel (rqt_ 
(BLBMBNT (BSel(rqt_ 
(BSel ( id t) ) (1,0) ) . 

-(BLBMBNT (BSel(rqt_ 
(ZLBMBNT (BSel(rqt_ 
(BLBMBNT (BSel (rqt_ 
(BLBMBNT (BSel (rqt_ 


WORDN 13) /\ 
t)) (0)) /\ 

t)) (1)) /\ 

t)) (2)) /\ 

t)) (3)) ) 

WORDN 1 0) /\ 
t)) (0)) ) \/ 

WORDN 11) A 
t)) (0)) A 
t)) (D) ) \/ 

WORDN 12) A 

t>) (0)) A 
t>) (1)) A 
t)) (2)) ) \/ 

WORDN 13) A 
t>) (0)) A 
t ) ) (1)) /\ 

t)) (2)) A 
t)) (3)) ) 


)))" 


% - - 

Generation logic for addressed signal. 

% 


let Address ed_Logic_GATB * new_def inition 
( ' Addressed_Logic.J3ATE ' , 

" l (id source 1 1 ime - >wor dn#wo rdn ) (addressed : time->bool#bool) . 
Address ed_Logic_OATB id source addressed = 

J titime . 
addressed t * 

((ASel(idt) * (SUBARRAY (ASel(source t)) (15,10))), 

(BSel(id t) * (SUBARRAY (BSel(source t)) (15,10))))* 

);; 


% - - 

Generation logic for Disable_writes signal. 

— - - % 


let D_Writes_Logic_GATE * new_.de f inition 
( ' D_Wr i t e s _Log i c_GATB ' , 

“ 1 (chan_id source 1 1 ime - >wordn#wordn ) 

(dfsnv_slave disable_writes j time- > bool #bool ) 
D_Writes_Logic_GATB df sm_ slave chan_id source disable_writes = 
1 titime . 
disable_writes t - 

( (ASel (dfsm_ slave t) /\ 

(- (BLBMBNT 

(SUBARRAY (ASel (source t)) (9,6)) 

(VAL 1 ( ASe 1 ( chan_id t)))))), 

( (BSel (dfsm_s lave t) A 
(- (BLBMBNT 

(SUBARRAY (BSel(source t ) ) (9,6)) 

(VAL 1 ( BSe 1 ( chan_id t))) )))))" 

);; 


% 

Generation logic for c_j>e signal* 

% 


let Parity_Decode_Logic_OATB * new_def inition 
( ' Parity_Decode_Logic_GATB ' , 

“l (rep s A RBP_ty ) (cad_in_det 1 1 ime - >bool#bool ) 

(cad_in cad_in_dec i time->wordn#wordn) . 
Parity_Decode_Logic_GATB rep cad_in cad_in_dec cad_in_det = 
! titime . 


( ced_in_dec t - 

( (Par_Dec rep 
(Par_Dsc rap 
(cad_in_det t * 

( (Par_Det rep 
(Par_Det rep 


(ASel(cad_in t))), 
(BSel (cad_in t ) ) ) ) ) /\ 

(ASel(cad_in t))), 
(BSel (cad_in t)))))" 
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% 

Input logic for C_parity latch. 


let Parity_Signal_Inpute_GATB = new_def inition 
( 'Parity_Signal_Inpute_OATB ' , 

* i (ret cad_in_det clkD c_pe_cnt reeet_error i time->bool#bool) 

( c_p arity_inS c_parity_inR c_parity_inB ; time->bool#bool) . 
Parity_Signal_Inpute_GATB ret cad_in_det clkD c_pe_cnt reeet_efTor 

c_parity_inS c_parity_inR c_parity_inE * 

1 t : time ♦ 

(c_parity_inS t * 

( (ASel (cad_in_det t) /\ ASal(clkD t) A ASel (c_j>e_cnt t)), 

( BSel ( cad_in_det t) A BSel(cl)cD t) A BSel (c_pe_cnt t)))) A 
(c_parity_inR t * 

((ASel (ret t) \/ ASel (reeet_error t)), 

(BSel (ret t) \/ BSel (reeet_error t)))) /\ 

(c_parity_inE t * 

( (ASel(c_parity_inS t) \/ ASel (c _parity_inR t)), 
(BSel(c_parity_inS t) W BSel (c_parity_inR t))))* 

) ; ? 


-Bue input latchee . 


% 


let CB_In_Latchee_GATB * new_def inition 
( 'CB_In_Latchee_GATB' / 

** I (cad_in_dec eource eizewrbe iad_preout t time->wordn#wordn) 

(c_eource c_data_in c_eizewrbe c_iad_preout : time->wordn) 

(ret cin_0_le cin_l_le cin_2_le cin_3_le cin_4_le : time->bool#bool) . 
CB_In_Latchee_QATB ret cad_in_dec cin_0_le cln_l_le cin_2_le cin_3_le 
cin_4_le eource eizewrbe iad_preout c_eource 
c_data_in c_eizewrbe c_iad_preout * 

! t : t ime . 

(c.eource (t+1) * 

(BSel (ret t)) «> WORDN 15 0 | 

(BSel ( cin_3_le t) ) *> (BSel (cad_in_dec t}) I (c.eource t) ) A 
(let a31_16 * 

(MALTBR 

(c_data_in t) 

(31,16) 

( (BSel (ret t)) *> WORDN 15 0 | 

(BSel (cin_l_le t)) 

*> (BSel (cad_in_dec t)) 

| (SUBARRAY (c_data_in t) (31,16)))) in 
let a31_0 - 
(MALTBR 
a3 1_16 
(15,0) 

{(BSel (ret t)) *> WORDN 15 0 | 

(BSel (cin_0_le t)) 

*> (BSel (cad_in_dec t)) 

1 (SUBARRAY (c_data_in t) (15,0)))) in 
(c_data_in (t+1) * a31_0)) /\ 

(c_eizewrbe (t+1) = 

(BSel (ret t)) *> WORDN 9 0 | 

(BSel (cin_4_le t)) *> (SUBARRAY (c_data_int) (31,22)) 

I (c_eizewrbe t)) A 

( c_iad_preout (t+1) * 

(ASel ( cin_2_le t) ) *> (c_data_in t) I (c_iad_preout t) ) A 
(eource t « ( (c_eource t), (c_eource (t+1)))) /\ 

(eizewrbe t * ( (c_eizewrbe t), (c_eizewrbe (t+1)))) A 
( iad_preout t - ( (c_iad_preout (t+1)), ( c„iad_preout (t+1) ) ) ) " 

)/; 


% 

Generation logic for I_be_out_ signal. 
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lat BE_Out_Logic_OATB * naw_da£ ini t ion 
( 'BE_Out_Logic_QATE * , 

" ! (sizawrba : tira*->wordn#wordii) (hlda_ j tima->bool#bool) 

(ba_out ; tima->bu*n#busn) . 

BE_Out_Logic_OATB sizawrba hlda_ ba_out = 
l t : time . 
ba_out t = 

( ( (~ASal(hlda_ t) ) 

=> (BUSN (SUBARRAY ( ASal ( sizawrba t)) (9,6)}) | Offn) , 

( ( -BSal (hlda__ t) ) 

*> (BUSN ( SUBAREA Y (BSal ( sizawrba t)) (9,6))) | OffnD" 

) 7 7 

% 

Oanaration logic for writ* signal . 


lat Writa_Logic_OATE * naw_d*f ini t ion 
( ' Writ*_Logic_OATB ' , 

" I ( iad_in sizawrba j tima->wordn#wordn) (C_wr :tim*->bool) 

(calw_ mastar_tran writ* : tim*-> bool# bool ) 

Writa_Logic_OATE iad_in sizawrba cal*_ ma start ran C_wr writ* * 

! trtima . 

( C_wx (t+1) * 

( -BSal (cala_ t)) «> (ELEMENT (BSal(iad_in t)) (27)) ! C_wr t) /\ 

(writ* t * 

{( (ASal (mast ar_t ran t)) 

*> (C_wr t) | (ELEMENT ( ASal ( sizawrba t)) (5))), 

( (BS*1 (mast *r_t ran t)) 

*> (C_wr (t+1)) t (ELEMENT (BSal ( sizawrba t> } (5)))))" 

) 77 


•Bus output latchas * 

% 

l*t CB_Out_Logic_OATB « naw_daf inition 
( ' CB_Out_Logic_OATE ' , 

"1 (rap t A RBP_ty) 

( iad_in ccr cout_sal cad__praout : t im* - >wordn#wordn ) 

( df sm_cout_0_la cout_l_la mf sm_mr*quast j tima->bool#bool) 

(C_iad_in C_alaO C_a3a2 s t ima->wordn) 

C B_Ou t _ Log i c_0 ATE rap iad_in ccr df *m_cout_0_la cout_l_la mfsm_mr aquas t 
cout_#al cad_praout C_iad_in C_ala0 C_a3a2 ■ 

I tttima . 

(C_iad_in (t+1) * 

(BSal (df sm_cout_0_la t) ) ■> (BSal(iad_in t ) ) | (C_iad_in t)) /\ 

(C_alaO (t+1) - 

{ ASal (cout_l_la t)) *> (C_iad_in t) | (C_alaO t) ) /\ 

(C_a3a2 (t+1) * 

(ASal (mfsnunr aquas t t)} *> (Aflsl(ccr t ) ) | (C_a3a2 t) ) /\ 

( cad_praout t * 

( ( (ASal(cout_sal t) * WORDN 1 0) 

-> ( Par_Bnc rap (SUBARRAY (C_ala0 (t+1)) (15 # 0))) | 

(ASal(cout_sal t) * WORDN 1 1) 

«> ( Par_Bnc rap (SUBARRAY (C.alaO (t+1)} (31,16))) | 

( ASal (cout_sal t) « WORDN 1 2) 

*> ( Par_Enc rap (SUBARRAY (C_a3a2 (t+1)) (15,0))) 

I <Par_Bnc rap (SUBARRAY (C_a3a2 (t+1)) (31,16)))), 

( (BSal(cout_sal t) - WORDN 1 0) 

»> (Par_Bnc rap (SUBARRAY (C_ala0 (t+1)) (15,0))) | 

(BSal(cout_sal t) - WORDN 1 1) 

«> (Par_Bnc rap (SUBARRAY (C_ala0 (t+1)) (31,16))) | 

(BSal (cout_sal t) = WORDN 1 2) 

*> ( Par_Enc rap (SUBARRAY (C_a3a2 (t+1)) (15,0))) 

j ( Par_Bnc rap (SUBARRAY (C_a3a2 (t+1)) (31,16))))))" 

) 77 

% 

C-Port Block. 

- % 
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lat CBlock_QATE = nav_daf ini t ion 
( ' CBlock_GATB * r 

" i (rap : A RBP_ty) (• j t ima->cc_atata) (• :tin»->cc_«nv) (p : tim«->cc_out ) 

CB lock_GATE rap Bap* 

? (mf •m_mabort mf am_midla mf am_mraciua a t mf sm_ma3 i tima->bool#bool ) 
(mfam_ma2 mf am_mal mfam_maO mf am_mdl mfam_mdO : t ima- > bool# bool ) 

(mf am_iad_an_m mf am_m_cout_aall mf am_jm_cout_aalO : tima->bool#bool) 

(mf am_cm_an mf am_abort_la_an_ mf am_raparity : tima->bool#bool) 

(af am_iad_an_a afam_aidla afam_alock afam_aal : t ima -> bool# bool ) 
(afam_aaO afam_aala afam_adl afam_adO afam_aack :tima->bool#bool) 
(afam_aabort af ara^a_cout_aalO afam_aparity t tima->bool#boOl) 

(af am_ardy_an : tima->bool#bool) 

(df am_ardy dfam_maatar dfam_alava dfam_cin_0_la ttima->bool#bool) 
(dfam_cin_l_la df am_cin_3_la df am_cin_4_la : tima->bool#bool) 

( df am_cout_0_la dfam_cout_l_la dfam_cad_an_ df animal •_ : t ima- >bool#bool ) 
(df*m_rala_ df am_mrdy_ j t ima - >bool#bool ) 

( lock_in_inB lock_in_outQ laat_in_inB laat_in_outQ i t ima - >bool#bool ) 
(clkA_outQ laat_out_infl laat_out_inR laat_out_inB : t ima- > bool# bool) 

( la»t_out_outQ hlda aatatua_an_ aidla_dal_outQ itima->bool#bool) 
(mrgt_dal_outQ matatua_an_ writ* wrdy_inD : tima->bool#bool) 

( rrdy_inB wrdy_outQ rrdy_outQ iirdy_iaT iardy_inB : t ima - > bool# bool ) 
(cout_0_la_dal_out cin_2_la cout_l_la t tima->bool#bool) 

( mrdy_da l_out iad_an_a_dal_outQ iad_an c_pa_cnt buay i t ima- > bool #bool) 
(grant addraaaad cad_in_dat c_parity_inS c_parity_inR : t ima- > bool #bool ) 
( c parity. InB : tima- >bool#bool ) 

(mf am_ma i!am_ai cout_aal cad_in_dac aourca s t ima - >wordn#wordn ) 
(aizawrba iad_praout cad_praout t tima->wordn#wordn) 

(0R2_GATB (aig RatB a) mf animal lock_in_in B) /\ 

(DRBLatB_GATB (»ig I_loek_B a) (Big RatB a) lock_in_inB 
(Big C_lock_in_S a) lock_in_outQ) /\ 

(Laat_Logic_OATB (aig RatB a) (aig ClkDB a) mf am^rndl mf am_mabort 
laat_in_inB) /\ 

( DRBFFB_OATB (aig I_laat_in_B a) laat_in_inB (aig RatB a) 

(aig C_laat_in_S a) laat_in_outQ) /\ 

{ DEFFnB_GATB (aig CB_aa_inB a) mf am_abort_la_an_ (aig C_aaS a) 

(aig C_aa_outO p) ) A 

(DFFA_QATB (aig Clk.DE a) (aig C_clkAS a) clkA_outQ) A 

(Hold_Logic_OATB (aig CB_ma_inB a) (aig ClkDB a) afam^aal laat_out_inS 
laat_out_inR laat_out_inB) A 
(DSRBLatB_GATE OND laat_out_inS laat_out_inR laat_out_inB 
(aig C_laat_out_S a) laat_out_outQ) /\ 

(TRIBUF_GATB laat_out_outQ hlda (aig l_laat_out_0 p) ) /\ 

(0R2_GATB af am_aidla af am^aabort aatatua_an_) /\ 

( DFF A_OATB afam_aidla (aig C_aidla_dalS a) aidla_dal_outQ) /\ 

( DFF A_OATB mf am_mraquaat (aig C_mrqt_dals a) mrqt_dal_outQ ) /\ 

(Cout_Sal_Logic_OATB af am__a_cout_aalO mf am_m_cout_aall mf am_m_cout_aalO 
afam_adO afam_*dl cout_aal) /\ 

(NOT_GATB mf am_cm_an matatua_an_) /\ 

(DBFFA_OATB afanuaidla (aig ClkDB a) (aig C_>old_S a) 

( a ig I_hold_o p ) ) / \ 

( Srdy_Xn_Logic_OATB (aig CB_aa_inB a) dfam^ardy) /\ 

( Rdy_Logic_3ATE mf am_mdO mf am_mdl (aig ClkDB a) writ a df am_ardy wrdy_inD 
rrdy_inD ) / \ 

(DFFA_OATB wrdy_inD (aig C_wrdyS a) wrdy_outQ) /\ 

(DFFA_OATB rrdy_inD (aig C_rrdyS a) rrdy_outQ) /\ 

(ISrdy_Out_Logic_OATB wrdy_outQ rrdy_outQ mf am^mabort (aig I_cala_B a) 

• f am_a rdy_an iardy_inD iardy_inB) /\ 

(TRIBUF_OATE iardy_inD iardy_inB (aig l_ardy_out_0 p) ) /\ 

(CBaa_Out_Logic_GATB afam_aa (aig FmBufailuraB a) (aig Piu_invalidB a) 
(aig CB_aa_outO p) ) /\ 

(DFFA_OATB df am_cout_0_la (aig C_cout_0_la_dalS a) cout_0_la_dal_out ) /\ 

(DFFA_QATE df am_cin_0_la (aig C_cin_2_laS a) cin_2_la) /\ 
(Cout_l_L«_Logic_OATB dfam_maatar cout_0_la_dal_out df ain_cout_l_la 
cout_l_la) /\ 

(DFFA_OATB df am_mrdy_ (aig C_mrdy_dal_S a) mrdy_dal_out ) /\ 

(N0T_C3ATB (aig I_hlda_B a) hlda) A 

(TRIBUF_QATE df am_mala_ hlda (aig l_mala_out_0 p) ) /\ 

(TRIBUF_OATB dfanurala_ hlda (aig l_rala_out_0 p) ) A 
( TRIBUF_OATB mrdy_dal_out hlda (aig l_mrdy_out_0 p) ) I \ 

( DBFF A_QATE af am^iad_an_a (aig ClkDB a) (aig C_iad_an_a_dalS a) 
iad_an_a_dal_outQ) A 

( iad_Bn_Logic_QATB mf am_iad_an_m af am_iad_an_a i ad_an_a _da l_ou t Q 
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iad_an) A 

{CBma_Out_Logic_QATB mtmmjBM (aig Pmm_f ailuraE a) (aig Piu_invaiidB a) 
(aig CB_ma_outO p) ) /\ 

{ Pa_Cnt_Logic_<3ATB (aig ClkDE a) afam_ a parity mf am_mpar ity 
(aig CB_aa_inB a) c_pa_cnt> A 

{ Qrant_Logic_QATB (aig IdB a) (aig CB_rqt_in_B a) buay grant) /\ 
{Addraaaad_Logic_GATE (aig Ids a) sourca addraaaad) /\ 
(D_Writaa_Logic_OATB dfam_alava (aig ChannalXDB a) aourca 
(aig Diaabla_writaaO p) ) /\ 

(Parity_Dacoda_Logic_OATB rap (aig CB_ad_inK a) cad_in_dac cad_in_dat) /\ 
{Parity_Signal_Inputa_OATB (aig RatB a) cad_in_dat (aig ClkPB a) c_pa_cnt 

(aig Raaat_arrorB a) 

c_parity_inS c_parity_inR c_parity_inB) /\ 

( DSRBLatB_OATB QND c_parity_inS c_parity_inR c_parity_inE 

(aig C_parityS a) (aig CB_parityO p) ) A 
(CB_In_Latchaa_OATB (aig RatB a) cad_in_dac df am_cin_0_la df am_cin_l_la 
cin_2_la df anucin_3_la df an*_ein_4_la aourca aizawrba 
iad_praout (aig C_aourcaS a) (aig C_data_inS a) 

(aig C_aizawrbaS a) (aig C_iad_outS a)) /\ 
(BE_Out_Logic_OATB aizawrba (aig I_hIda_K a) (aig I __ba_out_0 p) ) /\ 
(TRIBUFn_QATB iad_praout iad_an (aig I_ad_outO p) ) /\ 

(Writa_Logic_QATB (aig I_ad_inE a) aizawrba (aig I_eala_B a) mfam_cin^an 
(aig C_wrS a) writa) A 

{ CB__Out_Log i c_QATB rap (aig I_ad_inB a) (aig CcrB a) df am_cout_0_la 
cout_l_la mf am_mraquaat cout_aal cad_praout 
(aig C_iad_inS a) (aig C_alaOS a) (aig C_a3a2S a)) /\ 

{ TRINBUPn_OATK cad_praout df anL-cad_an_ (aig CB_ad_outO p) ) /\ 

{ CMFSM_OATB af anL_ardy_an (aig ClkDE a) grant (aig RatB a) buay writa 

(aig I_crqt_B a) (aig l_hold_0 p) laat_in_outQ lock_in_outQ 
(aig CB_aa_inE a) (aig Piu_invalidB a) (aig C_mf am_atataS a) 
(aig C_mf anL_ardy_anS a) (aig C_mf am_DS a) 

(aig C_mfanL.gr ants a) (aig C_mfan*_ratS a) 

(aig C_mf am_buays a) (aig C_mf am^writaS a) 

(aig c_mf am_crqt_s a) (aig C_mf aw_bo ld^S a) 

(aig C_mfan*_laat_s a) (aig C_mf am_lock_S a) 

(aig c_mfaBK_»*s a) (aig c_mf am^invalids a) mf aiiL_mabort 
rnfasumidla mf am_mraquaat mfanL_ma3 mfam,_ma2 mf am_mal mfam_maO 
mfanL_mdl mf am_mdO mf am_iad_an_m mf anL_n\_cout_aall 
mf anL_nucout_aalO mf am_ma (aig CB_rqt_out_0 p) 

(aig l_cgnt_0 p) mf am_cm_an mf am_abort_la_an_ 
mf aaL_mpar ity ) / \ 

(CSPSM_OATB (aig ClkDE a) grant (aig RatB •) writa addraaaad 

(aig X_hlda_B a) (aig CB_ma_inB a) (aig C_af an^_atataS a) 

(aig c_afasL.DS a) (aig C_af am_grants a) (aig C_afam_ratS a) 
(aig c_af am_writaS a) (aig C_af am^addraaaadS a) 

(aig C_af air\_hlda_S a) (aig C_afam_maS a) afam_aa 
af am_iad_an_a afam_aidla afam_alock afam_aal afam_aaO 
afam_aala afam_adl afam^adO afam_»ac)c afam_aabort 
af an\_a_cout_aalO af am_aparity) /\ 

( CBFSM_QATB (aig I_cala_B a) (aig I_laat_in_B a) (aig I_mala_in_B a) 

(aig I_rala_in_E a) (aig I_ardy_in_B a) (aig RatB a) 

(aig c_af am^atataS a) (aig C_afanL_cala_S a) 

(aig c_af am,_laat_S a) (aig C_af am_mala_S a) 

(aig C_af am_rala_S a) (aig C_af am_ardy_S a) 

(aig C_af am^ratS a) a£am_ardy_an) /\ 

( CDFSM_QATB dfam_ardy (aig ClkDB a) clkA_outQ writa aizawrba afam_aidla 
aidla_dal_outQ afam^alock afam_aal afam_saO afam_aala 
afanuadl afanL.»dO afam^aack mfanL_midla mrqt _da l_out Q mf am_ma3 
mf am_ma2 mf am_mal mfam_maO mf am_mdl mf am_mdO (aig X_cala_B a) 
(aig I_ardy_in_B a) dfaoL_maatar dfsm_alava df an^_cin_0_la 
dfaia_cia_l_la dfam_cin_3_la df am_cin_4_la dfam_cout_0_la 
df am_cout_l_la dfam^cad_an_ df am_mala_ dfam_rala_ 
df am_mrdy _ ) " 


lat CBlock_EXP ■ aava_thm 
( 'CBlock_EXP 1 , 

(BBTA.RULB 

(RBWRITB_RULE [Laat_Logic_OATB ; Hold_L©gic_OATE / 

(BXPAND_LBT_RULB Cout_Sal_Logic_OATB ) ; Srdy_In_Logic_QATE; 
Rdy_Logic_OATB ; ISrdy_Out_Logic_OATB j 
( KXPAND_LBT_RULE CBaa_Out_Logic_OATB) ; 
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( EXP AND_ LK T_RULB CBma__Out_Logic_GATB) ; Cout_l_Le_Logic_GATB / 
I ad_B n_Log i c_OATB ; Pe_Cnt_Logic_GATE ; Grant_Logic_GATB; 

Addressed_Logic_GATB;D_Writes_Logic_aATB/ 
Parity_Decode_Logic_OATE ; Parity_Signal_Inputs_GATB ; 

( BXP AND_LE T_RO LB CB_In_Latches_GATE) ; BE_Out_Logic__GATB / 
Write_Logic_OATE ; CB_Out_Logic_OATB ; NOT_QATB ; 0R2_GATB ; 
TRIBUF_GATB ; TRIBUFn_GATE ; DRELatB_GATK ; DSRBLatB_GATB ; 
DFFA_GATB ; DHPFA_GATB ; DBFFnB_GATB ; DRKPFB_GATB ; 
<EXPAND_LBT_RULB CMFSM_QATB) / ( KXP AND_LBT_ROLB CSFSM_GATE) j 
CBFSM_GATK j CDF SM_GATB ; ASal ; BSa 1 ; GND ; s ig ; TRINBUFn_GATB ) 
(SPBC_ALL CBlocX_GATB) ) > 

) ; ; 

close_theory ( ) ; ; 


% 


File: cclocX_daf .ml 

Author: (c) D . A. Fura 1992-93 

Data: 3 March 1993 

This file contain* tha ml source for tha clocX-level specif ication of tha 
C-Port of tha FTBP PIU, an ASIC davalopad by tha Smbaddad Processing 
Laboratory, Boaing High Tachnology Cantar. Tha bulb of this coda wai 
translated from an M-language simulation program using a translator written by 
P.J. Windley at tha Dnivarsity of Idaho. 


% 


sat search_path ( saar ch_path ( ) » [ ' /home/elvis6/dfura/f tap/piu/hol/cport / ; 

' /home/elvis6/dfura/f tap/piu/hol/lib/ 4 / 

' /home/ a lvis 6 /dfura /hoi/ Library/ aba_thaory/ 4 ; 
' / horn* /alvis 6 /dfura/hol /Library/ tools/ 4 ? 

4 /homa/alvisC/dfura/hol/ml/ 4 

]);; 

sat_f lag ('timing 4 , true)/; 

system 4 rm cclocX_def . th 4 ? ; 

new_theory 4 cclocX_def 4 / / 

loadf 4 abs_thaory 4 / ; 
loadf 4 aux_def s 4 ; j 

map n*w_par*nt [ 4 piuaux_def 4 ; 4 caux_def 4 ; 4 cf sms_daf 4 ; 4 wordn_def 4 ; 4 array_daf 4 ] ; ; 
map new_parent ( 4 busn_def 4 ] / ; 

map naw_parant [ 4 gates_def 1 4 ; 4 latches.def 4 ; 4 f f *_daf ' / 4 counters_def / inaq ]n 

naw_typa_abbrav ( 4 1 imaC 4 , 44 1 num* ) / ; 

lat MSTART * "WORDN 2 4*;; 
let MEND = "WORDN 2 5 44 ; ; 
lat MRDY * "WORDN 26-/; 
lat MWAIT = -WORDN 2 7 "/; 
lat MABORT * “WORDN 2 0 44 // 

lat SACK « "WORDN 2 5-;; 
lat SRDY * -WORDN 2 6-// 
lat SWAIT * -WORDN 2 7 
lat SABORT * -WORDN 2 0-?; 

lat ASal * definition 4 piuaux_de£ 4 4 ASal 4 ;; 
lat BSel = definition 4 piuaux_def 4 'BSal 4 ;; 

lat REP_ty * abs_typa_inf o (theorem 4 piuaux_daf 4 4 REP 4 );; 

% 

Naxt-stata definition for C-Port instruction. 
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•% 


1st CC_NSF * naw_daf inition 
( * CC_NSF ' , 

** ! (rap i A RBP_ty) (a :cc_atata) (a tcc.tnv) . 

CC_NSF rap a a * 

1st C_mf an\_*tata * C_mf am^atataS 9 and 

C_mf anv_srdy_an * C_mf am_ardy_anS a and 

C_mfauLD ■ C_mf *m_DS 9 and 

C_mf am^grant » C_m£anuff rants 9 and 

C_mfanur»t * C_mf am^ratS a and 

C_mf am_buay ■ C_mf am_b\iayS a and 

C_mf ain_writa * C_mf am^writaS a and 

C_mfam_crqt_ * C_mf am^crqt_S a and 

C _mf a m_ho 1 d_ * C_mf am ( _hold_S a and 

C_m£am_laat_ « C_mf am^laat_S a and 

C_mf am^lock_ « C_mf an\_lock_S a and 

C_mfanuaa * c_m£am_aas a and 

C_mfam^ invalid « C_mf am^invalidS a and 

C_af anuatata » C_af am^atatsS a and 

C_afam_D » C_af am_DS a and 

C afam grant « C_af am_grantS a and 

C_#fan*_rat * C_afam_ratS a and 

C_af ain_writs * C_af an^writsS a and 

C_af * C_af am_addraa*adS a and 

C_a£anuhlda_ * C_a£am^hlda_S a and 

C_af am_ma « C_af am_maS a and 

C_sf am^atata ■ c_s£a«u*tatsS a and 

C_afanuc*la_ m C^afsnucala.S a and 

C_af auL_laat_ » ^sfau^laat.S a and 

C_sf am_mala_ * C_af sa^inala^S a and 

C_sfam_rala_ » C_a£saL_rala_S a and 

C_afam_ardy_ = C__a f am_a rdy_S a and 

C_afaav_rat « C_ a£am_ratS a and 

C_lock_in_ * C_lock_in_S a and 

C_laat_in_ * C„laat_in_S a and 

C_aa ■ C_aaS a and 

C_clkA a C_cl)cAS a and 

C_laat_out_ s C_laat_out_S a and 

C_aidla_dal * C_aidla_dalS a and 

C_mrqt_dsl * C_mrqt_dalS a and 

C_hold_ * C_hold_S a and 

C_cout_0_la_dal = C_cout_0_la_dalS a and 

C_cin_2_la * C_cin_2_laS a and 

C_mrdy_dsl_ * C_mrdy_dal_S a and 

C_iad_an_a_dal * C_iad_sn_a_dalS a and 

C_wrdy ■ C_wrdyS a and 

C_rrdy ■ C_rrdyS a and 

C_parity * C_parityS a and 

C_aourc* » C_aourcsS a and 

C_data_in * C_data_inS a and 

C_aizawrba * C_aizswrbaS a and 

C_iad_out * C_iad_outS a and 

C_alaO * C_alaOS a and 

C_a3a2 * C_a3a2S a and 

C_iad_in - C_iad_infl a and 

c_wr • c_wrs a in 

1st I_ad_in * I_ad_inB s and 
I_ba_in_ m I_bs_in_B s and 
I_mrdy_in__ * I_mrdy_in_B s and 
I_rals_in_ * I_rala_in_B a and 
I_mala_in_ * I_?aals_in_K • and 
I_laat_in_ * I_laat_in_B a and 
I_ardy_in_ = I_ardy_in_B a and 
I_locfc_ « I_lock_B a and 

I_cala_ * I_cala_B a and 

I_hlda_ * I_hlda_B a and 

I_crqt_ * I_crqt_B a and 

CB_rqt_in_ * CB_rqt_in_B a and 
CB_ad_in « CB_ad_inB a and 
CB_ma_in « CB_ma_inB a and 
CB_aa_in ■ CB_aa_inB a and 
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Rat * RatE a and 
ClJcD - ClJcDB • and 
Id * IdE a and 

ChannallD = ChannallDB a and 
Pmm_failura * Pmm_f ailuraB a and 
Piu_invalid * Piu_invalidE a and 
Ccr * CcrB a and 

Raaat_arror = Raaat_arrorE a in 
lat naw_C_mf«m^*tata ■ 

((C_inf»iiLr»t) => CM I | 

(C_mf Bnuatata * CMI) => 

( (C_mf anuD / \ -C_mf am_crqt„ A ~C_mfam_buay / \ ~C_mf am_invalid) 

=> CMR | CMI) | 

(C_mf »nu*tata * CMR) *> 

((C_mf«ncD /\ C_mf a migrant /\ C_mf anuhold_) *> CMA3 | CMR) I 
(C_mf am_atata » CMA3 ) ■> ( (C_mfam_D) ■> CMA1 I CMA3 ) I 

(C_mf fULitate « CMA1) *> 

( {C_mf am_D /\ (C_mfam_8B * A SRDY) ) «> CMAO I 

(C_mf am_D /\ (C_mf am_aa « A SABORT) ) «> CMABT I CMAl) I 
(C_mf am_atata - CMAO) -> 

( (C_mfanv_D / \ (C_mfanuaa “ A SRDY) ) ■> CMA2 I 

(C_mfam_D A (C_mf am_aa * A S ABORT ) ) *> CMABT | CMAO) I 
( C_mf am_atata * CMAl ) => 

( (C_mf am_D t\ (C_mf am_aa * A SRDY} ) *> CMDl I 

(C_mfam_D A (C_mfani_B8 « A S ABORT) ) => CMABT I CMAl ) I 
(C_mf ■xn_f tata * CMDl) *> 

( (C_mf sm_D A (C_mf am_Ba = A SRDY) ) => CMDO | 

( c_mf am_D /\ * A S ABORT) ) -> CMABT I CMDl) I 

{ C_mfam_atata * CMDO) *> 

( ( c_mf am_D A (C_mfam_aa - A SRDY) A C_mf am_laat_) -> CMDl I 

(C_mf am_D /\ {C_m£am__»a « A SRDY ) /\ ~C_mf am_laat_) *> CMW I 

(C_mfam_D /\ (C_mfam_aa « A S ABORT) ) «> CMABT I CMDO) I 
(C_mf «m_»tata * CMW) *> 

( (C_mf*rn_D / \ {C_mf am_aa ■ A S ABORT) ) «> CMABT I 

(C_mf anuD A (C_mfanL_»* * A SACK) /\ C_mf am_locfc_) «> CMI I 

(C_mf am_D /\ (C_mfam_aa * A SRDY) /\ ~C_mf am_lock_ A -C_mf am_crqt_) 

■ > CMA3 | CMW) | 

(~C_mfam_laat_) *> CMI I CMABT) in 
lat mf am_mabort * (naw_C_mf am^atata 3 CMABT) in 
lat mf am_midla * ( naw_C_mf am_a tata « CMI) in 
lat mf am_mraquaat ■ (naw_C_mf am_«tata * CMR) in 
lat mf am_ma3 * { naw_C_mf am_atata * CMA3 ) in 
lat mfam>_ma2 ■ ( naw„C_mf am_a tata ■ CMA2) in 
lat mf am_mal « (naw_C„m£am_atata * CMAl) in 

lat mf am^maO = ( naw_C_mf am_a t at • * CMAO) in 

lat mf am^mdl ■ (naw_C_mf am_atata * CMDl) in 

lat mf am__mdO * {naw_C_m£am_*tata * CMDO) in 

lat mf a m_ i ad_ a n_m * 

( ( (naw_C_mf am^atata - CMDl) l \ ~C_mf am_writa A C_mf am_ardy_an) \/ 

( (naw_C_mf am_atata - CMDO) / \ -C_mf am_vrita /\ C_mf am_ardy_an ) \ / 

( (naw_C_mf am_atata * CMW) A (C_m£am_atate s CMDO) / \ ~C_mf am_writa A 
C_mf am L _ardy_an) ) in 
lat mf ant_nv_cout_aall * 

( (naw_C_mf anustata * CMA3) \/ ( naw_C_mf am_a t at a * CMAl)) in 
lat mf am_nL_cout_salO - 

( (naw_C_mf anu»tata - CMA3 ) \/ (naw_C_mf am_atata - CMAl) \/ 

(naw_c_mf am_atata - CMDl)) in 
lat maO * 

(ALTER 

ARBN 

( 0 ) 

( ( (naw_C_mf am_atata - CMDO) /\ -C_mf am_laat_) \/ 

(naw_C_mf am_atata * CMABT) \/ 

{ (naw_C_mf am_»tata * CMW) /\ C_mf am_loc)0 ) ) in 
lat malO - 
(ALTER 
maO 

( 1 ) 

( (naw_C_mf am_atata * CMAl) \/ 

(naw_c_mf anu*tata = CMAO) \/ 

(naw_C_mf am_atata - CMAl ) \/ 

(naw_C_jaaf am_atata * CMDl) \/ 
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( (naw_C_mf am_»tata = CMDO) /\ C_mf sr0.aat_) \/ 

{ naw_C_mf sm_* tat* « CMW) \ / 

(naw_C_mf am_*tata « CMABT) ) ) in 
let ma210 - 
(ALTER 
ms 10 
(2) 

( (naw_C_mf •m_*tata ■ CMA3 ) \/ 

( naw_C_mf *m_» tat* ■ CMA1) \! 

(naw_C_mf sm_atata * CMAO) \/ 

( naw_C_m£ sol* t at • * CMA2) \ / 

(naw_C_mfsm_stata * CMD1) \/ 

<naw_C_mf am_atata ■ CMDO) \/ 

(naw_C_mf sm_atata * CMW) ) ) in 
lat mf «n\_ms * ms210 in 

lat m£am^rqt_ * ( naw_C_mf air^a t at a ■ CMI ) in 
lat mf enLcgnt_ » ( - (naw_C_mf *m_»tata = CMA3 ) ) in 

lat mf am_cm_an ■ ( - (naw_c_mf sm_atata m CMI) /\ ~ (naw_C_mf am_»tata * CMR) ) in 
lat mf am_*bort_la_an_ * 

(- (naw_C_mf *m_stata * CMABT) \/ (naw_C_mf »m_atata » CMI)) in 
%ok to hara aftarwarda daath dua to £rama stack overflow* 
lat mf sm_nq?arity a ( (naw_C_m£am_atata = CMA3 ) \/ 

(naw_C_mf am^stata » CMA1) \/ 

(naw_C_mf sm_stata * CMAO) \/ 

(naw_C_mf am_stata * CMA2 ) \/ 

(naw_C_m£ sm_atata ■ CMD1) \/ 

(naw_C_mf sm_stata » CMDO) \/ 

(C_jnf am_atata ■ CMA1) \/ 

(C_m£ain k _atata - CMAO) \/ 

( C_mf »m_atata - CMA2 ) \/ 

(C_m£snL.»t at a - CMDl ) ) in 
lat naw_C_#f am_*tata « 

( (C_»f sm^rst ) »> CSI I 
(C_sf sm^stata * CSI) *> 

( (C_sf sm_D /\ (C_sf am_jna a A MSTART) /\ ~C_sf am_qrant A 
C_s f snuaddr a a a ad ) 

■> CSA1 I CSI) i 
(C_af sm^atata - CSL) -> 

( (C_af sm_D /\ (C_sfanL_ms - A MSTART) A ~C_af am_grant A 
C_a f ancaddr a a a a d ) 

■> CSA1 ! 

(C_sf am_D /\ (C_sf am_ms ■ A MS TART) / \ ~C_af a migrant / \ 

-C_s f sm_addraaaad ) 

■> CSI ( 

(C_afam_D /\ (C_sf am_ms - A MABORT) ) *> CSABT I CSL) l 
(C_af am_atata * CSA1) «> 

((C_afanL.D /\ ( C_s f Smyrna - A MRDY) ) -> CSAO | 

(C_af am_D /\ (C_sf sn^jaa ■ A MABORT) ) ■> CSABT | CSAl) | 

(C_af am_stata * CSAO) «> 

( (C_af am_D /\ (C_sfam_ifts * A MRDY) /\ -C_a£am_hlda_) »> CSALB | 

{C_af am_D /\ ( C_s f am_ms * A MRDY) /\ C_af am_hlda_) ■> CSAOW I 

(C_af am_D /\ (C_sfanL_ms » A MABORT) ) -> CSABT | CSAO) I 

(C_afam_stata « CSAOW) «> 

( (C_afam_D /\ (C_sfam_ma * A MRDY) /\ -C_af anL_blda_) *> CSALB I 

(C_afam_D /\ (C_af ampins * A MABORT) ) -> CSABT I CSAOW) | 

(C_af am_atata - CSALB) «> 

( (C_sfam_D /\ C_af am_writa A (C_sf am_ma * A MRDY) ) *> CSD1 | 

(C_afam_D /\ -C_sfanL_writa A ( C_s f sm_ma a A MRDY) ) «> CSRR i 
(C_afam_D /\ {C_sf sm„ms * A MABORT) ) «> CSABT I CSALB) I 
(C_af sm_stata * CSRR) ■> 

( (C_afamJ> A ~(C_sfsm_m# * A MABORT) ) -> CSDl | 

(C_sf am_D /\ (C_sf am_ma - A MABORT) ) «> CSABT | CSRR) | 

(C_af am_»tata ■ CSDl) *> 

( (C_sfam_D A (C_sf anuma - A MRDY) ) *> CSDO | 

(C_sfsm_D /\ (C_sfanL_ma - A MABORT) ) => CSABT | CSDl) | 

(C_af am_atata * CSDO) *> 

( (C_sf am_D /\ (C_af am_ms «= A MBND) ) »> CSACK I 
(C_afsm_D A (C_af am_m# a A MRDY) ) *> CSDl | 

(C_afsm_D A (C_afam_ms * A MABORT) ) -> CSABT I CSDO) | 

(C_af am_atata » CSACK) ■> 

( (C_afam_D A (C_afam_ma * A MRDY) ) *> CSL I 
(C_sfam_D /\ (C_afam_ma * A MWAIT) ) »> CSI I 
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(C_afam_D /\ (C_af *m_ma * A MABORT) ) => CSABT I CSACK) I 

(C_»fsnuD) => CSI | CSABT) in 
let aaO * 

(ALTER 

ARBN 

(0) 

( (new_C_af am_atate * CSAOW) \/ 

( <new_C_afem_etate * CSALB) /\ -C_af am_write ) \/ 

(new_C_af am_atate * CSACK) ) ) in 
let eelO » 

(ALTER 

•«0 

(1) 

(- (new_C_«f em_*tate = CSI ) /\ 

- (new_C_af am_atate * CSACK) /\ 

- (new_C_af em_atate ■ CSABT))) in 
let aa210 = 

(ALTER 

eelO 

(2) 

( - ( ne w_C_a f anv_a t at e * CSI) /\ - (new_C_a£am_atate = CSABT))) in 
let afa m_aa * ■ ■210 in 
let af am_iad__en_a * 

( ( (new_C_a£anu*tate * CSALB ) /\ - (C_af am_atate - CSALB)) \/ 

( <new_C_sf am_atate * CSALB) /\ C_ef anuwxite) \/ 

( (new_C_af am^atate - CSDl) /\ C_af am^write /\ - (C_a£am_«tate - CSRR) ) \/ 

( (new_C_ef am_atate * CSDO) /\ C_af am_write) A 
{ (new_C_af am_atate - CSACK) /\ C_ef am^write) ) in 
let afam_aidle = (new_C_af am_atate * CSI) in 
let afam_alock * (new_C_af am_atate = CSL) in 
let afam_aal * (new_C_ef am„atate « CSA1) in 
let afam_aaO ■ (new_C_ef am_atate ■ CSAO) in 
let af am_aale * (new_C_a£am_atate = CSALB) in 
let afa m_adl « (new_C_a£am^*t*t« * CSDl) in 
let afam_adO * (new_C_af axru*tate « CSDO) in 
let af am^aack * (new^C^efem^atate = CSACK) in 
let afam_aabort * (new_C_ef am^atate • CSABT) in 
let af am_a_cout_aelO * (new_C_af am^atate * CSDl) in 
let efenL.aparity * ( - (new_C_ef em^tate , CSI) /\ 

~ (new_C_ef ara__etate ■ CSACK) /\ 

- (new_C_afanL.atate = CSABT)) in 
let new_C_ef am_atate * 

{ (C_ef anurat ) *> CBI I 

( C_ef an\_at at e * CBI) *> ( ( ~C_e£ain_cale_) *> CBB I CBI) 1 
( ( -c_ef am_laat_ /\ -C_ef am_ardy_) \/ ~C_ef am_male_ \/ -C_e£am_rale_) 

*> CBI I CBB) in 

let efam_ardy_en - ( (new_C_e£axn_atate - CBB) \/ (C_ef sm_atate « CBB)) in 
let new_C_lock_in_ * 

( ( BSel (Rat ) \/ mfam_mal) 

» ((BSel (Rat)) -> F I BSal ( I_lock_) ) 

| C_lock_in_) in 
let new_C_laet_in_ * 

( ( ASel (Rat ) \/ (ASel(ClkD) /\ mfam_mdl) \/ mfam_mabort) 

»> ((ASel (Rat)) *> F I ASel ( I_laat_in_) ) 

I C_laet_in_) in 
let new_C_aa * 

( (m£an_abort_le_en_) *> ASel (CB_ae_in) I C_aa) in 
let new_c_clkA * BSel(ClkD) in 

l«t mand • ( (ASal <CB_ma_in) « A MBND) , (BSal (CB_ma_in) « A MBND) ) in 

lat mabort - ( (ASal (CB_ma_in) « A HABORT) , (BSal (CB_ma_in) - A MABORT) ) in 

let laat_out_inS = efam_**l in 

let laat_out_inR » (BSel (ClkD) /\ (BSel(mend) \/ BSel (mabort ) ) ) in 
let new_C_laat_out_ ■ 

( (laat_ont_inS \/ laat_out_inR) 

.> ( (laat_out_in 3 A -laat_out_inR) »> T I 
{ - laa t_out_inS A laat_out_inR) -> F I 
( -laet_out_inS A -laat_out_inR) =»> F | ARB) 

| C_laet_out_) in 
let new_C_aidle_del ■ afam_eidle in 
let new_C_mrqt_de 1 * mf am_mrequeat in 
let new_C_hold_ * 

( (BSel (ClkD) ) ■> afam_aidle I C_hold_) in 
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let new_C_wr * 

( (-BSel(I_cale_J ) *> (BLKMBNT (BSal ( I_ad_in) ) (27) > I C_wr) in 

let mf am_cin_4_leB * (C_clkA /\ afam^aaO) in 
let new_C_aizewrbe * 

( (BSal (Rat ) ) «> WORDN 9 0 | 

(mf em_cin_4_laB) *> (SUBARRAY C_data_in (31,22)) 

| C_aizewrbe) in 

let write * 

( ( (mf am^cm_en) *> C_wr | (BLKMBNT C_aizewrbe (5) ) ) , 

( (mfsm_cm_an) => new_C_wr | (BLKMBNT naw_C_aizawrbe (5)))) in 
let ardy * ( (ASel (CB_aa_in) * A SRDY) , (BSal (CB_aa_in) * A SRDY ) Y in 
let dfam_master = 

( (mfam_ma3 \ / mfam_ma2 \/ mfam_mal \/ mfam_maO \ / mf am_mdl \ / 
mf am_mdO ) , 

(mf sm_ma3 \/ mf «m_ma2 \/ m£am_mal \ / mfam_maO \ / raf am mdl \ / 
mf am_mdO ) ) in 
let d£am_alav* = 

( (~af am_«idl« /\ -af am_alock) , { -af am_aidle A -af am_«lock) ) in 
let df am_cin_0_leB * 

(BSel(ClkD) /\ 

( (mf an^_mdO /\ BSal (ardy) /\ -BSal (write ) ) \/ 
afam_aaO \/ 

(afam^adO A BSal (write) )) ) in 
let df am_cin_l_leB = (BSel(ClkD) /\ 

{ (mfam_mdl A BSal(ardy) /\ -BSal (write) ) \/ 
afam_aal \/ 

(afam_adl /\ BSal (write ))) ) in 

let df am_cin_3_leB * (BSel(ClkD) A (afam^aidle \/ af ■m_alock) ) in 
let df am_ccmt_0_leB * 

(BSal (I_cale_) \/ 

(BSal (I_ardy_in__) A -BSal (write) ) \/ 

(mf am_maO /\ BSal(ardy) /\ BSal (write) /\ BSel(ClkD)) \/ 

(mfam_mdO /\ BSal(ardy) /\ BSal (write) /\ BSal(ClkD))) in 
let df em_cout_l_laA - (C_clkA A afam_adl) in 
let dfam_cad_en_ * 

( {-(mf anL_ma3 \/ 
mfanL_ma2 \/ 
mf animal \/ 
mfaitL_maO \/ 

(ASal(writa) /\ (mf am_mdl \/ mf sm_mdO ) ) \/ 

(-ASal (write) /\ (afam_adl \/ af am_adO) ) ) ) , 

{ - (mf em_ma3 \/ 
mf am^raa2 \ / 
mf am_mal \/ 
mf am^maO \ / 

(BSal (write) A (mfam_mdl \/ mf am_mdO ) ) \/ 

( -BSal (write) /\ (afam_adl \/ af am_adO) ) ) ) ) in 
let dfam L _male_ * 

( (-(afanu«ala /\ -(VAL 1 (SUBARRAY C_aizawrba (1,0)) * 3) /\ c_clkA) ) , 

( - ( af am_aala /\ -(VAL 1 (SUBARRAY new_C_aizewrbe (1,0)) - 3) A C_clkA) ) ) 
in 

let dfam_rale_ * 

( (-(afanuaala A (VAL 1 (SUBARRAY C_aizewrbe (1,0)) * 3) A C_clkA) ) , 
(-{afanuaala A (VAL 1 (SUBARRAY new_C_aizewrbe (1,0)) » 3) A C_clkA) ) ) 
in 

let df am_mrdyB_ = 

(-( (-BSal (write) /\ BSel(ClkD) A (afan^aale \/ afam_adl) ) \/ 

( -BSal (write) A C_clkA A afam^aack) \/ 

(BSal(writa) /\ BSel(ClkD) /\ afam_adO))) in 
let new_C_cout_0_le_del * df am_cout_0_leB in 
let new_C_cin_2_le * df anucin_0_laB in 
let new_C__mrdy_dal_ * dfai^_mrdyB_ in 

let new_C_iad_en_a_dal ■ ( (BSal(ClkD) ) *> a f am_iad_en__a I C_iad_en_a__del) in 
let naw_C_wrdy * (BSal(ardy) A BSal(writa) A mf am_mdl /\ BSal(ClkD)) in 
let new_C_rrdy * (BSal(ardy) /\ -BSal(writa) /\ mf«m_mdO A BSel(ClkD)) in 
let pa_cntB « (BSel(ClkD) /\ 

(- (af am_aparity * mf am_jnparity) \/ 

{(SUBARRAY (BSal <CB_aa_in) ) (1,0)) = WORDN 10))) in 

let parity_inS * 

( (Par_Det rap (BSal (CB_ad_in) ) ) A BSel(ClkD) A pe_cntB) in 
let parity_inR * (BSal(Rat) \/ BSal (Reaet_error) ) in 
let new_C ^parity * 
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( (parity_inS \/ parity_inR) 

*> ( (parity_inS A -parity_inR) => T | 

(-parity_ins A parity_inR) *> F I 
(-parity_inS /\ -parity_inR) => F I ARB) 

| C_parity) in 
lat naw_C_aourca * 

( (BSal (Rat ) ) -> WORDN 15 0 | 

(dfaav_cin_3_laB) *> (Par_Dac rap (BSal (CB_ad_in) ) ) I C_aourca) in 
lat di31_16 « 

(MALTBR 

C_data_in 

(31,16) 

((BSal (R*t>) *> WORDN 15 0 I 

( df am_c in_l_laB ) 

=> (Par_Dac rap (BSal (CB_ad_in) ) ) 

| (SUBARRAY C_data_in (31,16)))) in 
lat di31_0 = 

(MALTBR 

di31_16 

(15,0) 

((BSal (Rat)) *> WORDN 15 0 I 
( df islc in_0_laB ) 

■ > (Par_Dac rap (BSal (CB_ad_in) ) ) 

| (SUBARRAY C_data_in (15,0)))) in 
lat naw_C_data_in * di31_0 in 

lat naw_C_iad_out * (C_cin_2_la *> C_data_in I C_iad_out) in 
lat cout_l_laA * 

( (df am^cout_l_laA /\ -ASal (df am_maatar) ) \/ 

(ASal (df am_maatar) A C_cout_0_la_dal) ) in 
l«t naw_C_alaO * (cout_l_laA *> C_iad_in I C_ala0) in 
lat naw_C_a3a2 - (mf am_mraquaat «> (ASal(Ccr)) I C_a3a2) in 
lat naw_C_iad_in ■ (df am_cout_0_laB *> (BSal ( I_ad_in) ) I C_iad_in) in 
lat grantB * 

((((SUBARRAY (BSal (Id)) (1,0)) * WORDN 10) /\ 

- (ELEMENT (BSal (CB_rqt_in_) ) (0)) ) \/ 

(((SUBARRAY (BSal (Id)) (1,0)) * WORDN 1 1) /\ 

-(ELEMENT (BSal (CB_rqt_in_) ) (0)) /\ 

(KLEMBNT (BSal (CB_rqt_in_) ) (1)) ) \/ 

(((SUBARRAY (BSal(Id)) (1,0)) - WORDN 1 2) A 
-(ELEMENT (BSal (CB__rqt_in_) ) (0)) A 

(ELEMENT (BSal (CB_rqt_in_) ) (1)) A 

(ELEMENT (BSal (CB__rqt_in_) ) (2)) ) \/ 

(((SUBARRAY (BSal(Id)) (1,0)) = WORDN 1 3) A 
- (ELEMENT (BSal (CB_rqt_in_) ) (0)) A 

(ELEMENT (BSal (CB_rqt_in_) ) (1)) A 

(ELEMENT (BSal (CB_rqt_in_) ) (2)) A 

(ELEMENT (BSal ( CB_rqt_in_ ) ) (3)))) in 

lat buayB ■ (-((SUBARRAY (BSal (CB_rqt_in_) ) (3,1)) - (WORDN 27))) in 

lat addraaaadB » (BSal(Id) - (SUBARRAY naw_C_aourca (15,10))) in 
lat naw_C_mf anv_ardy_an - afam^_ardy_an in 
lat naw_C_mfam_D ■ (BSal (ClkD) ) in 
lat naw_C_mf am grant « grantB in 
lat naw_C_mf am_rat * (BSal (Rat)) in 
lat naw_C_mf am_buay » buayB in 
lat naw_C_mf am^WTita * (BSal (writa) ) in 
lat naw_C_mf am_crqt_ * (BSal ( I_crqt_) ) in 
lat naw_C _mf a m_ho 1 d_ * C_hold_ in 
lat naw_C_mf am_laat_ ■ naw_C_laat_in_ in 
lat naw_C_mf am_loc)c_ * naw_C_lock_in_ in 
lat naw_C_mfam_aa « (BSal (CB_aa_in) ) in 
lat naw_C_m£am_invalid * (BSal (Piu_invalid) ) in 
lat naw_C_af am^D * (BSal (ClfcD) ) in 
lat naw_C_af anugrant * grantB in 
lat naw_C_af aii^rat * (BSal(Rat)) in 
lat naw_C_af am_writa * (BSal (writa) ) in 
lat naw_C_af am_*ddraaaad * addraaaadB in 
lat naw_C_a f em_hlda_ * (BSal (I_hlda_) ) in 
lat naw_C_a f am_ma m (BSal (CB_ioa_in) ) in 
lat naw_C_af anu<=*l«_ * (BSal ( I_cala_) ) in 
lat naw_C_af a®_laat_ « (BSal (I_laat_in_) ) in 
lat naw_C_a f am_mala_ * (BSal (I_mala_in_) ) in 
lat naw_C_af amoral a_ * (BSal (I_rala_in_) ) in 
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let new_C_e£ am^ardy^ * (BSel { I_ardy_in_) ) in 
let new_c_ef an\_rat « (BSel (Rat)) in 

(CCState new_C_mf am_*tate new_C_mf am_ardy_en naw_C_mf » bl_D new_C_mf *m_grant 
new_C_mf am_rat new_C_mf am_bu«y new_C_mf am_write naw_C_mf am_crqt_ 
naw_C_mf anOio ld_ new_c_mf am^laat_ naw_C_m£ am__lock_ new_c_mf am_aa 
new_C_mfam_invalid new_C_af sm_atate naw_C_»f «n_D new C afam grant 
naw_C_af am_rat new_C_af am_write new_C_af am__addreaaed 
new_C_af am_hlda_ new_C_af am_ms new_C_ef enuatate new_C_efara l _cale_ 
new_C_ef am_laat_ new_C_ef sm_mal •_ new_C_ef sm_rale_ new_C_ef am_ardy_ 
naw_C_a£»Ea_rat new_C_lock_in_ new_C_laat_in_ new_C_aa naw_C_clkA 
new_c_laat_out_ new_C_sidle_del new_C_mrqt_del new_C_hold_ 
new_C_cout_0_le_del naw_c_cin_2_le naw_C_mrdy_dal_ 

new_C_iad_en_a_del new_C_wrdy new_C_rrdy new__Cj>arity new_C_aourca 
new__C_data_in new_C_aizewrbe new_C_Iad_out new_C_alaO new_C_a3a2 
new_C_iad_in n«w_C_wr) " 

);; 

let CC_NSF_RKW =. aave_thro 
( ' CC_NSF_RBW ' , 

( PURE_ONCB_RBWRITE_RULE [ASel;BSel] CC_NSF) 


% 

Output definition for c-Port instruction. 

% 


lat CC_OF * new_def inition 
( * CC_OF ' , 

M \ (rap i A REP_ty) (a :cc_atata) (a tcc_env) 

CC_OF rap a a « 

lat C_mf am_atata * C_mf am_atateS a and 

C_mf am_»rdy_an * C_mf anu* rdy_ans a and 

C_mf aw_D * C_mf am_DS a and 

C mf am grant » C _mf am_grant S a and 

c_mfam_rat * C_mf am_rats a and 

C_mf am^buay * C_mf am^buayS a and 

C_mf BBL.writa * C_mfem_wr it aS a and 

C_m£ am_crqt_ * C_znf am_crqt_S a and 

C_m£ am_hold_ ■ C_mf am u _hold_S a and 

C_mf angles t_ * C_mf am_laat_S a and 

C_mf am^lock_ * C_mf am_lock_S a and 

C_mfan*_ae * C_mf axn_aaS a and 

C_mfam^ invalid ■ C _mf a nv_ invalids a and 

C_a£ am_atata * C_af anv_»tataS a and 

C_af am_D ■ C_af an\_DS a and 

C_a fam_grant ■ C af am grants a and 

C_afaaurat * C_afam_rstS a and 

C_afsm_write ■ c_af BHv_writeS a and 

C_afam_addr eased - C_af am_addraaaadS a and 

C_af aia_hlda_ * C_sf am_hlda_S a and 

C_afSBi_n* = C_afam_maS a and 

C_ef acetate * C_af am_» tat aS a and 

C_af an^_cala_ = C_af sa^_cale_S a and 

C_ef am_l*et_ * C_ef ambles t_S a and 

C_ef am_mala_ * C_ef amjaale_S a and 

C__efsm_**l*_ * C_ef anurale_S a and 

C_ef am_erdy_ - C_ef am^s rdy_S a and 

C_afaiQ_rat * C_afam_ratS a and 

C_lock_in_ * C_loc)c_in_S a and 

C_laat_in_ * C_last_in_S a and 

C_aa * C_aaS a and 

C_clkA ■ C_clkAS a and 

C_laat_out_ » C_laat_out_S a and 

C_aidle_del * C_aidla_dalS a and 

C_mrqt_dal • C_mrqt_dalS a and 

C_hold_ * C_hold_S a and 

C_cout_0_le_del - C_cout_0_le_delS a and 
C_cin_2_le * C_cin_2_laS a and 
C_mrdy_dal_ * C_mrdy_da 1_S a and 
C_iad_en_a_del * C_iad_en_s_delS a and 
C_wrdy m c_wrdyS a and 
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C_rrdy = C_rrdyS a and 
C_parity = C_parityS a and 
C_aource ■ C_aourceS a and 
C_data_in * C_data_inS a and 
C_aizewrbe * C_aizewrbeS a and 
C_iad_out * C_iad_outS a and 
C_alaO * C_alaOS a and 
C_a3a2 * C_a3a2S a and 
C_iad_in * C_iad_inS a and 
C_wr * C_wrS a in 
let I_ad_in * I_ad_inB a and 
I_be_in_ ■ I_be_in_E e and 
I_mrdy_in_ * I_mrdy_in_B e and 
I_rale_in_ = I_rale_in_B e and 
I_male_in_ » I_male_in_B e and 
I_laat_in_ « I_laat_in_B e and 
I_ardy_in_ ■ I_ardy_in_B • and 
I_lock_ * I_lock_B e and 
I_cale_ * I_cale_B e and 
I_hlda_ a i_hlda_B e and 
I_crqt_ « I_crqt_B e and 
CB_rqt_in_ * CB_rqt_in_E e and 
CB_ad_in « CB_ad_inB e and 
CB_ma_in « CB_ma_inB e and 
CB_e»_in a CB_»»_inB e and 
Rat a RatB e and 
ClkD ■ ClJcDB e and 
Id a idB e and 

Channel ID * Channel IDE e and 
Pran^f allure a pmm_£ailureB e and 
Piu_ invalid a piu_invalidB e and 
Ccr a CcrB e and 
Reaet_error * Reaet_errorB e in 
let new_C_mfenL_atate ■ 

( (c_mf am_rat ) •> CM I I 
( C_mf em_atate a CMI) => 

( ( C_mf »m_D /\ -C„mf em_crqt_ / \ ~C_mfam_buay / \ -C_xof a invalid) 

=> CMR | CMI) | 

(C_m£anu*tate ■ CMR) a> 

{ (C_m£am_D / \ C rnfa m g rant / \ C_mf am_hold_) *> CMA3 I CMR) I 
(C_mf am_atate * CMA3 ) a > ( { C__mf anv_D ) = > CMAl | CMA3) I 

( c_mf airuatate a CMAl) *> 

( (C_mf am_D / \ (C_mf sm_es = A SRDY) ) *> CMAO I 

(C_mf »m__D /\ (C_mf«m_is - A S ABORT ) ) a> CMABT | CMAl) I 
{C_mf am_atate = CMAO) *> 

{ (C_m£am_D / \ (C_m£am_i« a A SRDY) ) *> CMA2 I 
( C_mf am_D /\ (C_mfam_ea - A S ABORT) ) *> CMABT I CMAO) I 
(C_mf*BL*tati » CMAl ) «> 

( (C_mfam_D / \ (C_mf am_» ■ * A SRDY) ) *> CMDl I 

( c_mf am_D / \ (C_mf am_» ■ * A S ABORT) ) ■> CMABT I CMAl) I 

(C_m£ am_at at e a CMDl) «> 

( ( C_m£ am_D / \ {C_m£am_** ■ A SRDY) ) *> CMDO I 
( c_mf am_D A (C_m£ain_aa * A SABORT) ) *> CMABT I CMDl) I 
(C_mf am_atate a CMDO ) ■> 

{ (C_mf am_D /\ (C_nfanL»* * A SRDY) /\ C_mf am_laat_) «> CMDl I 

(C_mfem_D /\ (C_mf an_a» a A SRDY ) /\ ~C_mf aro_laat_) «> CMW | 

(C_mfam_D /\ (C_mfam_aa - A S ABORT ) ) *> CMABT I CMDO) | 

(C_m£am_atate a CMW) a> 

( ( C_mf am_D / \ ( C_mf am_a ■ a A S ABORT) ) *> CMABT I 

(C_mf am_D /\ ( C_mf am_e ■ a A SACK ) A C_mf am^locJO «> CMI I 

(C_mf am_D A (C_mf am_ae * A SRDY) / \ -C_m£anulock_ /\ -C_mf am„crqt_) 

a> CMA3 | CMW) I 

( -C_mf em_laat_) -> CMI I CMABT) in 
let m£am_mabort a (new_C_mf am_atate a CMABT) in 
let mf am_mldle * (new_C_mfam_8tate a CMI ) in 
let m£am_mreque»t a (new_C_mf ara^atate * CMR) in 
let mf am_ma3 a (new_C_m£ am_atate a CMA3 ) in 

let mfsni_mal a {new_C_jnf am_at*te = CMAl) in 

let mf em^mal - ( new_C_m£am_atate - CMAl) in 

let mf am_maO • (new_C_mf am^etate ■ CMAO) in 

let mfanumdl = (new_C_mf anuatate = CMDl) in 

let mf am_mdO a (new_C_mf am_atate a CMDO) in 
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lat mf am_iad_an_m * 

( ( (naw_C_mf am^atata * CMD1) /\ -C_mf am_writa /\ C_mf anu» rdy_an ) \/ 

{ (naw_C_mf am^atata ■ CMDO) /\ ~C_mf am^writa /\ C_mt am_a rdy_an) \/ 

( (naw_C_mf am^atata * CMW) /\ (C_mf am_stata - CMDO) /\ ~C_mf am_writa /\ 
C_mf an^ardy.an) ) in 
lat mf •nv_nv_cout_»«ll « 

( (naw_C_mf am_*t*ta * CMA3) \/ (naw_C_mf anu*tata x CMAl)) in 
lat mf am_nucout_aalO * 

( (naw._C_iaf anu*tata * CMA3) \/ (naw_C_mf am_atata « CMAl) \/ 

(naw_C_mf anuatata - CMDl) ) in 
lat maO ■ 

(ALTBR 

ARBN 

(0) 

( ( (n«w_C_mfam_atat« ■ CHDO) f \ ~C_mf am_laat_) \l 
( naw_C_m£ am_a t at • * CHABT) \ / 

( (naw_C_mf am_«tat* « CMW) /\ C_mf am_lock_) ) ) in 
lat malO * 

(ALTBR 

maO 

(1) 

( (naw_c_mf am_atata * CMAl} \/ 

(naw_C_mf am_atata * CMAO) \/ 

(naw_C_mf am_atata * CMAl) \/ 

(naw_C_mf am_atata * CMDl) \/ 

( (naw_C_mf aitL_atata * CMDO) / \ C__mf am_laat_) \/ 

( naw_C_mf am_a t at a « CMW) \/ 

(naw__C_mf am_atata * CMABT) ) ) in 
lat staHO * 

(ALTBR 

malO 

( 2 ) 

( (naw_C_mf am_atata ■ CMA3) \/ 

(naw_C_mf am_atata » CMAl) \/ 

<naw_C_m£anuatata « CMAO) \/ 

( naw_C_mf am^» t at a ■ CMAl) \/ 

(naw_C_m£anLatata ■ CMDl) \/ 

(naw_C_m£anuatata * CMDO) \/ 

(naw_C_mf am^atata ■ CMW) ) ) in 
lat mfam_ma ■ ma210 in 

lat mf am_rqt_ ■ (naw_c_mf a«^_atata = CMI ) in 
lat mfam_cgnt_ * (- (naw_C_mf am_atata * CMA3) } in 

lat mf am_cm_an « ( ~ ( naw_C_mf am^atata * CMI) / \ - (naw_C_mf am^_atata * CMR) ) in 
lat mf am_abor t_la_an_ « 

(-(naw_C_mf am_»tata « CMABT) \/ (naw_C_mf am_atata * CMI)) in 
lat mf am_mparity ■ ( (naw_C_mf am_atata x CMA3 ) \/ 

(naw_C_mf am_atata * CMAl) \/ 

(naw_C_mf am_atata ■ CMAO) \/ 

(naw_C_mf am_atata ■ CMAl ) \/ 

(naw_C _mfam_»tata ■ CMDl) \/ 

(naw_C _mfam_atata * CMDO) \/ 

(C_mf am_atata • CMAl) \/ 

(C_mf am_»tata « CMAO) \/ 

(C__mf am_atata * CMAl) \ / 

(C_mf am_«tata m CMDl)) in 
lat naw_C_af am_atata ■ 

( (C_afam^rat ) -> CSI I 
(C_af am_atata * CSI) »> 

( ( C_a£ am_D /\ (C_afam_ma « * MS TART) /\ ~C_af am^grant /\ 

C_af am_addraaaad) 

■> CSA1 | CSI) | 

(C_af am_atata ■ CSL) *> 

((C_afam_D /\ (C.afanuaa . A MSTART ) /\ ~C_a fam_grant /\ 

C_af am_addraaaad) 

-> CSAl | 

(C_af am_D /\ (C_af anuma * A MSTART) /\ ~C_af am_grant /\ 

- C_a f am_addr a a a ad ) 

-> CSI | 

(C_af am_D A (C.afamjna » A MABORT) ) «> CSABT | CSL) I 
(C_af am_*tata - CSAl) «> 

((C_afam_D /\ (C_afam_ma - A MRDY) ) «> CSAO | 

(C_af am_D /\ (C_afam_ma « A MABORT) ) *> CSABT I CSAl) | 
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(C_af *m_*tate « CSAO) *> 

((C_«f*nuD /\ - A MRDY) /\ -C_af sm_blda_) ■> CSALB I 

(C_afam_D /\ <C_af am_ma - A MRDY) /\ C_a£am_hlda_) «> CSAOW I 

(C_*£»m_D /\ - A MABORT) ) => CSABT 1 CSAO) I 

(C_af am_atata * CSAOW) *> 

{(C.afamJ) /\ {C_af am_ma - A MRDY) /\ ~C_af am_hlda_) -> CSALB I 

(C.afam^D /\ (C_af»m_ina * A MABORT) ) «> CSABT | CSAOW) I 

(C_sf am_atata ■ CSALB) ■> 

((C_afam_I> /\ C_afam_writa /\ (C_a£am_ma * A MKDY) ) *> CSD1 I 
(C_af am_D /\ ~C_af sm_write /\ (C_if*HLm* - A MRDY) ) ■> CSRR I 
(C_afam_D /\ (C_afam_ma - A MABORT) ) *> CSABT | CSALB) T 
(C_af am^atata * CSRR) ■> 

({C_afam^D /\ ~ (C_af am_ms * A MABORT) ) ■> CSD1 I 
(C_af am_D /\ (C_af «m_ma = A MABORT) ) »> CSABT I CSRR) I 
(C_af am_atata * CSDl) *> 

( (C_afanv_D A (C_afam_ma ■ A MRDY) ) ■> CSDO | 

(C_af any_D /\ (C_afam_ni» - A MABORT) ) *> CSABT 1 CSDl) I 
(C_af anu*tata ■ CSDO) «> 

( (C_af am_D A (C_afam_ma * A MEND) ) *> CSACK I 
(C_afam_D /\ (C_af am_ma • A MRDY) ) «> CSDl I 
(C^afam^D /\ <C_af am_ma * A MABORT) ) *> CSABT | CSDO) I 

(C_af am_atata - CSACK) *> 

{ (C_afam_D /\ (C_af am_nu * A MRDY) ) => CSL I 
(C__a£am^D /\ (C_afam_ma = A MWAIT) ) *> CSX j 
(C_afam_D /\ (C_af am_ma * A MABORT) ) *> CSABT I CSACK) I 
(c_afacuD) => csi | CSABT) in 
lat aaO = 

(ALTBR 

ARBN 

(0) 

( (naw_C_af am_*tata * CSAOW) \/ 

( (naw_C_sfam_BtatB ■ CSALB) /\ -C_af am_writa) \/ 

(naw_C_af am__atata * CSACK) ) ) in 

lat aalO « 

(ALTBR 

aaO 

(1) 

( - (naw_C_a£aia_*tata * CSI) /\ 

~ (naw_C_af ain_8tata * CSACK) /\ 

- (naw_C_af am_atata ■ CSABT))) in 
lat aa210 x 
(ALTBR 
aalO 
(2) 

(~ (naw_C_af am_atata * CSI) /\ - (naw_C_a£am_atata = CSABT))) in 
lat sfanuaa * aa210 in 
lat af am_iad_an_a = 

( ( (naw_C_af »n_atata ** CSALB) /\ ~ (C_a£am_atata - CSALB)) \/ 

( (naw_C_af an^atata * CSALB) /\ C_af am_writa) \/ 

( (naw_C_af anv_*tata - CSDl) /\ C_afam_writa /\ ~ (C_af am_atata « CSRR)) \/ 
( (naw_C_af am_atata * CSDO) /\ C_afam_w rita) /\ 

( (naw_C_af anuatata « CSACK) /\ C_a£ am_writa) ) in 
lat afam_aidla * (naw_C_af am_atata * CSI) in 
lat a£am_alocX - (naw_C_af am_*tata « CSL) in 
lat 8fam_Bal ■ (naw_C_af am^atata * CSA1) in 
lat a£am_aaO * (naw_C_af am^atata ■ CSAO) in 
lat af am_aala * (naw_C_af an*_atata * CSALB) in 
lat a£anv_adl * (naw_C_a£am_atata * CSDl) in 
lat afam_adO ■ (naw_C_af am_atata « CSDO) in 
lat afam_aacX * (naw_C_af am_atata m CSACK) in 
lat a£am_aabort ■ (naw_C_af am^atata * CSABT) in 
lat af am_«_cout_BalO * (naw_C_af anL_*tata * CSDl) in 
lat afam^aparity - ( - (naw_C_a£am_atata * CSI) /\ 

- (naw_C_af ain^»t*ta * CSACK) A 
- (naw_C_a£am_atata - CSABT)) in 
lat aaw_C_af am_atata * 

( (C_af aiiurat) *> CBI I 

(C_a£anu»tata * CBI) -> ( ( ~C_af am_cala_) «> CBB I CBI) I 
( (~C_afam_l*»t_ /\ -C_af am_ardy_) \/ -C_af am_mala_ \/ ~C_af anL_rala_) 

■> CBI I CBB) in 

lat af am_a rdy_an - ( (naw_C_af am_atata = CBB) \/ (C_af am^atata = CBB)) in 
lat naw_C_locX_in_ * 
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((BSal (Rat) \/ 

«> ( (BSal (Rat ) ) ■> P | BSal ( I_lock_) ) 

I C_lock_in_) in 
lat naw_C_laat_in_ * 

( (ASal (Rat ) \/ (ASal (ClkD) /\ mf am_mdl ) \/ mf am_mabort ) 

-> ( (ASal (Rat ) ) «> P l ASal(I_laat_in_) ) 

I C_laat_in_) in 
lat naw__C_aa ■ 

( (mf am_abort_la_an_) »> ASal (CB_aa_in) | C_aa) in 
lat naw_C_clkA * BSal (ClkD) in 

lat mand » ( (ASal (CB_ma_in) * A MEND) , (BSal (CB_ma_in) » A MEND) T in 

lat mabort * < (ASal (CB_ma_in) - A MABORT) , (BSal (CB_m»_in) - A MABORT) ) in 

lat laat_out_inS « afam^aal in 

lat laat_out_inR * (BSal(ClkD) t\ (BSal(mand) \f BSal (mabort )) ) in 
lat naw_C_laat_out_ * 

( (laat_out_inS \/ laat_out_inR) 

«> { (laat_out_inS / \ ~la#t_out_inR) *> T | 

( ~laat_out_inS / \ laat_out_inR) ■> P I 
( -laat_out_inS /\ ~laat_out_inR) *> F l ARB) 

I c_laat_out_) in 
lat naw_C_aidla_dal « afam_aidla in 
lat naw_C_mrqt_dal * aquas t in 

lat naw_C_hold_ « 

( (BSal(ClkD) ) -> afam^aidla I C_hold_) in 
lat naw_C_wr ■ 

( (-BSal(I_cala_) ) «> (ELEMENT (BSal ( I_ad_in) ) (27)) | C_wr) in 

lat mf am_cin_4_laB ■ (C_clkA /\ afam^aaO) in 
lat naw_C_aizawrba - 

((BSal (Rat)) ■> NORDN 9 0 | 

(mfanucin_4_laB) »> (SUBARRAY C_data_in (31,22)) 

I C_sizawrba) in 

lat writa * 

{ ( (mf am_cm_an) ■> C_wr I (ELEMENT C_aizawrba (5))), 

( (mf am_cm_an) »> naw_C_wr | (ELEMENT naw_C_aizawrba (5)))) in 
lat ardy * { (ASal (CB_aa_in) - A SRDY) , (BSal (CB_aa_in) - A SRDY) ) in 
lat dfam_maatar * 

( (mfam^ma3 \/ mf am_ma2 \/ mf am_mal \ / mf am_maO \ / mf am_mdl \/ 
mf am^ndO ) , 

(mf am^ma3 \ / mf am^mal \/ mf am_mal \ / mfam^maO \ / mfam_mdl \/ 
mfam_mdO) ) in 
lat dfan^_alava - 

( ( -af am_aidla /\ -af am_alock) , ( -af am_aidla /\ -af am^alock) ) in 
lat df am^cin^O^lafi » 

(BSal (ClkD) /\ 

( (mf anumdO /\ BSal(ardy) /\ -BSal (writa ) ) \/ 
afam_aaO \/ 

(af am_adO /\ BSal (writa ))) ) in 
lat df am L _cin_l_laB * {BSal (ClkD) /\ 

( (mf amjmdl /\ BSal(ardy) /\ -BSal (writa) ) \/ 

afam_a*l \/ 

(afanuadl /\ BSal (writa) )) ) in 

lat df am^cin_3_laB * (BSal (ClkD) /\ (afam_aidla \/ afanualock) ) in 
lat df am k _cont_0_laB ■ 

(BSal(I__cala_) \/ 

(BSal ( I_ardy_in_) /\ -BSal (writa) ) \/ 

(mfanumaO /\ BSal (ardy) /\ BSal (writa) /\ BSal (ClkD)) \/ 

(m£am_mdO /\ BSal (ardy) /\ BSal (writa) /\ BSal (ClkD) ) ) in 
lat df am_co , ut_l_laA ■ (C_clkA /\ afam_adl) in 
lat df anucad^an_ ■ 

( ( - (mf »m_ma3 \/ 
mf am_ma2 \ / 
mf am_mal \ / 
mf am_maO \/ 

(ASal(writa) /\ (mf am_mdl \/ mtumjaAO)) \/ 

( -ASal (writa) /\ (afam_»dl \/ af an*_adO) ) ) ) , 

( - (mf am_ma3 \/ 
mf am_zn&2 \ / 
mf am_mal \ / 
mf am_maO \/ 

(BSal(writa) /\ (mfam_mdl \/ mfam_mdO)) \/ 

( -BSal (writa) /\ (afam_»dl \/ af ara^adO ) ) ) ) ) in 
lat df am_mala_ * 
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( (~ (afam_aale /\ - (VAL 1 (SUBARRAY C_aizewrbe (1/0)) =3) /\ C_clkA) ) , 

( - (afem_aale /\ ~ ( VAL 1 {SUBARRAY new_C_aizewrbe (1,0)) ■ 3) /\ C_cl)cA) ) ) 
in 

let dfanurala_ * 

( (~(afenu«*l« /\ (VAL 1 (SUBARRAY C_aizewrba (1,0)) * 3) /\ C_clkA) ) , 
(-(afem_»al« /\ (VAL 1 (SUBARRAY new_C_eizewrba (1,0)) * 3) /\ C_clkA) ) ) 
in 

let df am_mrdyB_ * 

(~ { (-BSal (write) /\ BSel(ClkD) /\ (efam_aala \/ afam_edl) ) \/ 

( -BSal (write) /\ C_clkA /\ afaa^aacJc) \/ 

(BSal (write) A BSel(ClkD) /\ efem^adO) ) ) in 
let naw_C_cout_0_la_dal « df em_cout_0_leB in 
let naw_C_cin_2_le * df sm_cin_0_leB in 
let new_C_mrdy_dal_ = df am_mrdyB_ in 

let new_C_iad_en_a_del * { (BSal (ClfcD) ) *> af anuiad.en.s I C_iad_en_e_dal ) in 

let new__C_wrdy « (BSal(ardy) /\ BSal(writa) A mfenumdl /\ BSel(Cl)tD)) in 
let new_C_rrdy * (BSal(ardy) /\ -BSal(writa) /\ mfam_radO /\ BSel(ClkD) ) in 
let pe_cntB * (BSeKClkD) A 

{- (af anuaparity * mf am_naparity) \/ 

((SUBARRAY (BSal (CB_ee_in) ) (1,0)) * WORDN 1 0))) in 

let parity_ins = 

( (Par_Det rap (BSal (CB_ad_in) ) ) A BSel(ClkD) /\ pa_cntB) in 
let parity_inR = (BSal (Rat) \/ BSal (Reaet_arror) ) in 
let new_C_parity * 

( (parity_lnS \/ parity_inR) 

*> ( (parity_inS /\ -parity_inR) *> T I 
( -parity_inS A parity_inR) *> F I 
( -parity_inS A ~parity_inR) ■> F I ARB) 

1 Charity) in 
let new_ C^aourca *■ 

((BSal (Rat)) -> WORDN 15 0 | 

( df em_cin_3_leB ) «> (Par_Dac rap (BSal (CB_ad_in) ) ) t C_aourca) in 
let di31_16 * 

(MALTBR 

C_data_in 

(31,16) 

((BSal (Rat)) »> WORDN 15 0 | 

( df em_c in_l_l aB ) 

*> (Par_Dec rap (BSal (CB_ad_in) ) ) 
t (SUBARRAY C_data_in (31,16)))) in 
let di31_0 - 
(MALTBR 
di31_16 
(15,0) 

((BSal (Rat)) ■> WORDN 15 0 I 
(df am_cin_0_leB ) 

*> (Par_Dec rap (BSal (CB_ad_in) ) ) 

| (SUBARRAY C_data_in (15,0)))) in 
let new_C__data_in * di31_0 in 

lat new_C_iad_out » (C_cin_2_le -> C_data_in I C_iad_out) in 
let cout_l_leA ■ 

( (df anucout_l_laA /\ -ASel (df enumaeter) ) \/ 

( ASal (df anumaatar ) /\ C_cout_0_le_del) ) in 

lat new_C_ala0 « (cout_l_leA ■> C_iad_in | C_ala0) in 
lat naw_C_a3a2 * (mf em__mr aquae t «> (ASal(Ccr)) I C_a3a2) in 
lat new_C_iad_in ■ (df em^cout_0_leB ■> (BSal (I_ad_in) ) I C_iad_in) in 
lat grantB * 

((((SUBARRAY (BSal(Id)} (1,0)) * WORDN 1 0) A 

- (ELEMENT (BSal (CB_rqt_in_) ) (0)) ) \/ 

({(SUBARRAY (BSal(Id)) (1,0)) * WORDN 11) /\ 

- (ELEMENT (BSal (CB_rqt_in_) ) (0)) A 

(ELEMENT (BSal (CB_rqt_in_) ) (1)) ) \/ 

(((SUBARRAY (BSal (Id)) (1,0)) » WORDN 12) /\ 

- (ELEMENT (BSal (CB_rqt_in_) ) (0)) A 

(ELEMENT (BSal (CB_rqt_in_) ) (1)) A 

(ELEMENT (BSal (CB_rqt_in_) ) (2)) ) \/ 

(((SUBARRAY (BSal (Id)) (1,0)) * WORDN 13) A 

- (ELEMENT (BSal (CB_rqt_in_) ) (0)) A 

(ELEMENT (BSal (CB_rqt_in_) ) (1)) A 

(ELEMENT (BSal (CB_rqt_in_) ) (2)) A 

(ELEMENT (BSal (CB_rqt_in_) ) (3)))) in 

lat buayB * (-((SUBARRAY (BSal (CB_rqt_in_) ) (3,1)) - (WORDN 27))) in 
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lat addraasadB * (BSal(Id) * { SUBARRAY n*w_C_iourct (15,10))) in 

lat naw_c_mf am_ardy_an ■ afsm_ardy_an in 

lat naw_C_mf am^D ■ (BSal (ClkD) ) in 

lat naw_C„mf am_grant * grantB in 

lat naw_C_mf si«_rat ■ (BSal (Rat)) in 

lat naw_C_mf am_buay * buayB in 

lat naw_C_mf am_writa « (BSal (write) ) in 

1st naw_C_mf em_crqt_ * (BSal (I_crqt_) ) in 

1st n*w_C_mf •m_hold_ « C_hold_ in 

let new_C_m£ am_laa t_ « new_C_laat_in_ in 

let new_C_ mf * hl_1oc)c_ ■ new_C_lock_in_ in 

let new_C_mf anu** ■ (BSal (CB_aa_in) ) in 

let new_c_mf sat. invalid * (BSal (Piu_invalid) ) in 

lat new_C_afsm_D ■ (BSel(Cl)tD)) in 

lat naw_c_.efain_grant * grantB in 

lat new_C_afsia_rat « (BSal (Rat)) in 

lat naw_C_a£am_writa * (BSal (write) ) in 

lat naw_C_af am_addraaaad * addreaaecLB in 

lat new_C_afam_hlda_ * (BSal ( I_hlda_) ) in 

lat naw_C_af am_ma * (BSal (CB_ma_in) } in 

lat new_C_ef am_c*l«_ ■ (BSal ( I_cale_) ) in 

lat new_C_efsm^laat_ - (BSal ( I_laat_in_) ) in 

lat naw_C_af snuianl*- ■ (BSal ( I_male_in_) ) in 

lat new_C_efam_rale_ ■ (BSal ( I_rala_in_) ) in 

lat naw_C_afanu*rdy_ * (BSal ( I_ardy_in_) ) in 

lat new_C_efam_ret * (BSal(R»t)) in 

lat I_cgnt_ * (mfam_cgnt_, mf am_cgnt_J in 
lat I_mrdy_out_ * 

( ( (~Aflal{I_hlda_) ) «> (WIRE C_mrdy_del_) | Z) , 

( (~BSel(I_hlda_) ) »> (WIRE C_mrdy_dal_) ) Z) ) in 
lat I_hold_ - (C_hold_, C_hold_) in 
lat I_rala_out_ * 


( ( ( -ASal ( I_hlda_) ) 

•> 

WIRE 

(ASal (df am_rala_) ) 

1 Z), 


( (-BSal (I_hlda_) ) 

*> 

WIRE 

(BSal (df am_rale_) ) 

1 Z)) 

in 

lat I_male_out_ * 

( ( ( -ASal ( I__hlda_ ) ) 

*> 

WIRE 

(ASal (df sz^_mala_) ) 

1 Z), 


( ( -BSal ( I_hlda_ ) ) 

■ > 

WIRE 

(BSal (df »m_niala_) ) 

t Z)) 

in 

lat I_laat_out_ ■ 

( ( ( -ASal ( I_hlda_ ) ) 
( { -BSal ( I_hlda_) ) 

*> 

(WIRE 

(WIRE 

C_laat_out_) 1 Z) , 
new_C_laat_put_) | 

Z)) 

in 


lat I_ardy_out_ = 

( ( (-ASal (I_cale_) \/ af am_ardy_an) *> 

(WIRE - { C_vrdy \/ C_rrdy \/ mf am_mabort ) ) | Z) , 

( {-BSal (I_cala_) \/ afs m^ardy_en) ■> 

(WIRE - ( C_vrdy \/ C_rrdy \/ mf ain^mabort ) ) | Z) ) in 
lat iad_an * (mf an*_iad_en_m \/ »£am^_iad_an_* \/ C_iad_en_a_del) in 
lat I_ad_out ■ ((iad_an «> (BUSH new_C_iad_out ) I 0££n) , 

(iad_an *> (BUSN new_c_iad_out ) I Offn) ) in 

lat I_be_out_ * 

( ( (-ASel(I_hlda_) ) *> (BUSN (SUBARRAY C_ai 2 ewrbe (9,6))) | Of £n) , 

( (-BSel(I_hlda_) ) *> (BUSN ( SUBARRAY naw_C_aizawrba (9,6))) | Offn)) in 

lat CB_rqt_out_ * (mf am_rqt_, mf am_rqt_) in 
lat mal_0 « (MALTER 
ARBN 
( 1 , 0 ) 

(SUBARRAY mfam_ma (1,0))) in 
lat ma2_0 * (ALTER 

mal_0 

( 2 ) 

( (ELEMENT (2)) /\ 

-ASal (Psm_fai lure) A -ASal (Piu_invalid) ) ) in 
lat mbl_0 * (MALTER 
ARBN 
( 1 , 0 ) 

( SUBARRAY mfam_ma (1,0))} in 
lat mb2_0 . (ALTER 

mbl_0 

( 2 ) 

( (ELEMENT mfan^ma (2)) A 
-BSal (Pmm_f ailura) A -BSal (Piu_invalid) ) ) in 
lat CB_m*_out ■ (ma2_0, mb2_0) in 
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let aal_0 = (MALTER 
ARBN 
( 1 , 0 ) 

{SUBARRAY afam^aa (1,0))) in 
let aa2_0 - (ALTER 

aal_0 

(2) 

((ELEMENT afam_aa (2)) /\ 

-ASel ( Pmro_f ailura ) A -ASel (Piu_invalid) ) ) in 
let abl_0 » (MALTER 
ARBN 
( 1 , 0 ) 

(SUBARRAY afam_aa (1,0))) in 
let ab2_0 = (ALTER 

abl_0 

( 2 ) 

{(ELEMENT afam.aa (2)) /\ 

-BSel (Pmm_f ailure ) A -BSel (Piu_invalid) ) ) in 
let CB_aa_out * (aa2_0, ab2__0) in 
let cout_sel * 

((afanu*<10 \/ afam_*dl) ■> 

(let caO - (ALTER ARBN 0 af am_a_cout_aelO ) in 
ALTER caO IP) I 

(let caO - (ALTER ARBN 0 mf am_m_cout_aelO ) in 
ALTER caO 1 (m£em_ni^cout_eell) ) ) in 
let CB_ad_out = 

{ ( (-ASel(dfam_cad_en_) ) 

*> (BUSN 

( ( cout_ael * WORDN 1 0) *> 

(Par.Bnc rep (SUBARRAY new_C_alaO (15,0))) I 
(cout_ael * WORDN 11) *> 

{ par_Bnc rep (SUBARRAY new_C_alaO (31,16))) 1 

(cout_ael « WORDN 1 2) ■> 

( ParJKnc rep ( SUBARRAY new_C_a3 a2 (15,0))) 

| (parJBnc rep (SUBARRAY new_C_a3a2 (31,16))))) 

I Off n) , 

( ( -BSel (df em_cad_en_) ) 

=> (BUSN 

( (cout_ael * WORDN 10) ■> 

(Par_Enc rep (SUBARRAY new_C_ala0 (15,0))) I 
(cout_ael * WORDN 11) »> 

(ParJBnc rep (SUBARRAY new_C_ala0 (31,16))) I 
(cout_ael - WORDN 1 2) «> 

(Par_Enc rep (SUBARRAY new_C_a3a2 (15,0))) 

| (Par_Enc rep (SUBARRAY new_C_a3a2 (31,16))))) 

| Of fn) ) in 

let C_ae_out * (C_aa, new_C_aa) in 
let Diaable_writea * 

( (ASel(df am_*lave) A 

-(ELEMENT (SUBARRAY C_aource (9,6)) (VAL 1 ( ASel (ChannellD) ) ) ) ) , 

(BSel (dfam_a lave) /\ 

_ (E LEME NT (SUBARRAY new_C_aource (9,6)) (VAL 1 (BSel (ChannellD) )))) ) in 
let CB_parity = (c_parity, new_C_parity) in 

(CCOut I_cgnt_ I_mrdy_out_ I_hold_ I_rale_out_ I_male„out_ I_laat_out_ 
I_ardy_out_ I_ad_out I_ba_out_ CB_rqt_out_ CB_ma_out CB_aa_out 
CB_ad_out C_aa_out Diaable_writea CB_parity)" 

) ? ; 


let CC_OP_REW * aave_thm 
( ' CC_OP_REW ' , 

( PURB_ONCE_REWRITB_RULE [ASel; BSel] CC_OP) 
)M 


let CC_Bxec ■ new_def inition 
( ' CC_Exec ' , 

" i (cci * CCI ) (a :timeC->cc_atate) (e 
(t : t imeC ) . 

CC_Bxec cci a e p t - T w 
) ; > 


t t imeC->cc_env) (p : timeC->cc_out ) 


let CC_PreC ■ new_def inition 
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{ 'CC_PreC' , 

"! (cci jCCI) (a : timeC->cc_atate) (• : timaC->cc_env) (p : timeC->cc_out ) 

(t itimeC) 

CC_PreC cci a a p t * T w 

) ; ; 

let CC_PostC * new_def inition 
( 'CC_PostC' , 

"\ (rep : A KBP_ty) (cci :CCI) (a : timeC->cc_atate) (• * timeC->cc_env) 

(p : timeC->cc_out ) (t :timeC) 

CC_PostC rep cci s«pt« 

(a (t+1) » CC_MSF rsp (a t) (a t) ) /\ 

(p t * CC_OP rap (a t) (a t))" 

);; 

let CC_Corract * new_def inition 
( 'CC_Correct ' , 

"1 (rap : A RJSP_ty) (cci iCCI) (a : timeC->cc_state) (a : timeC->cc_env) 

(p : timeC->cc_out ) (t ttimaC) « 

CC_Correct rap cci a a p t « 

CCJRxmc cci a apt /\ 

CC_PreC cci a a p t 
**> 

CC_PostC rap cci a a p t" 

);; 

lat CCSet_Corract * new_def inition 
( 'CCSet_Corract 1 , 

"l (rap : A RBP_ty) (a r timeC->cc_state) (a : timeC->cc_env) (p :timeC->cc_out) . 
CCSat_Corract rap a a p * ! (cci iCCI) (t i timed . CC_Corract rap cci a a p t" 

) ; j 

cloae_theory ( ) ; j 


3.6 SU-Cont Definitions 

This section contains the theories sauxjdef, sblock_def, sclockjief, defining the SU-Cont design. 


% 

File* saux_def.ini 

Author: (c) D * A. Ftra 1992-93 

Data: 1 March 1993 

- - % 

aet_flag ( 't lining* , true);; 

aat aaarch path (aaarch_path{ ) 9 [ ' /homa/alvia6/dfura/f tap/piu/hol/lib / • j 

* /hoae/elvie6/dfura/hol/ml/ ' 

]);; 

ayatam ' rm aaux_daf . th ' ; ; 
new_theory ' aaux_da£ ' / / 
loadf * aux_def a ' j ; 

naw_typa_abbrav { ' t ima ' , "t num* ) / ; 
new_type_abbrev ( # vrordn * , * t ( num- >bool ) * ) / ; 

map load _parent [ 'piuaux.def ' ] / j 

% 

Abstract data type for the SU-Cont instruction. 
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■% 


let SCI = 

de£ine_type 'SCI' 

'SCI * SC_X ' / ; 


% 

Define abstract data type for the state. 


let s_etate = 

define_type 's_state' 

# s_state * SCState sfsnuty bool bool bool bool bool bool bool 

wordn wordn bool bool bool bool bool bool bool 
bool bool bool'?; 


l«t S_f sm_stateS * new_recursive_def inition 
false 
s_etate 
'S_f saa^stateS ' 

"S_fsm_stateS (SCState S_fsm_state S_fsm_rst S_fsm_delay6 S_f sm_delayl7 

S_f sm_bothbad s_f sm^bypass S_soft_shot S_sof t_shot_del 
S_soft_cnt S_delay S_instart S_bad_cpuO S_bad_cpul 
S_reset_cpuO S_reset_cpul S_cpu_bist S_prom_f ail 
S_cpuO_fail S_cpul_fail S_piu_fail) 

* S_f sm_state"/ ; 


l*t S_fsro_rstS * new_recursive_def inition 
false 
s_state 
'S_f sm_retS * 

"S_fsm_rstS (SCState S_fsm_state S_£sm_rst S_f sm^delayS S_fsm_delayl7 

S_f »m_bothbad S_f sn*_bypass S_sof t_shot S_sof t_shot_del 
S_soft_cnt S_delay Spinet art S_bad_cpuO S_bad_cpul 
S_reset_cpuO S_reset_cpul S_cpu_bist S_pnan_fail 
S_cpuO_fail S_cpul_f ail S_piu_fail) 

* S_f sm_rst " ; ; 


let S_f snudelay6S ■ new_recursive_de£ inition 
false 
s^state 

' S_f sn*_delay6S ' 

"S_f sm_delay6S (SCState S_fsm_state S_fsm_rst S_f snudelayfi S_f sn^_delayl7 

S_f sm^bothbad S_f sm^bypass S_soft_shot S_sof t_shot_del 
S_eof t_cnt S_delay S_instart S_bad_cpuO S_bad_cpul 
S_reset_cpuO S_reset_cpul S_cpu_bist S_pmn\_£ail 
S_cpuO_f ail s_cpul_fail s_piu_fail) 

= S_f sm_delay6" ; ; 

let s_f sm_delayl7S * new_recursive_def inition 
false 
s_state 

' S_f sm^delayl7S ' 

"S_f am_delayl7S (SCState S_fsn^state S_fsm^rst S_f sm,_delay6 S_f sm_delayl7 

S_f sm^bothbad S_fsm_bypass S_soft_shot S_sof t_shot_del 
S_soft_cnt S_delay S_instart S_bad_cpuO S_bad_cpul 
S_reset_cpuO S_reset_cpul S_cpu_bist S_pnm^_fail 
S_cpuO_fail S_cpul_f ail S_piu_fail) 

- S_f sm_delayl7 " / ; 


let S_f sm_bothbadS - new_recrursive_def inition 

false 

s_etate 

' S_f sm_bot hbadfl ' 

" S_f sm_bot hbadS (SCState S_fsm_state S_fsnk_rst S_£sm_delay6 S_f em_delayl7 

S_f sm_bothbad s_f snubypass S_soft_ehot S_sof t_shot_del 
S_soft_cnt S_delay S_instart S_bad_cpuO S_bad_cpul 
S_reset_cpuO S_reset_cpul S_cpu_b i s t S_pmm_f ail 
S_cpuO_f ail S_cpul_f ail S_piu_fail) 

m S_f SBL_bothbad* / ; 


let S_f snubypassS ■ new_recursive_def inition 
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falsa 

s_stata 

' S_f sm_bypassS ' 

"S_f sm_bypassS (SCStata S_fsm_stata S_£an*_rst S_f sm_dalay6 S_f sm_dalayl7 

S_f sm_bothbad S_f sm_bypas s S_soft_shot S_sof t_shot_dal 
S_soft_cnt S_dslay S_instart S_bad_cpuO S_bad_cpul 
S_rasat_cpuO S„rasat_cpul S_cpu_bist S_pnsa_fail 
S_cpuO_f ail S_cpul_f ail S_piu_f ail) 

* S_f •m_bypass' r ; ; 

1st S_soft_shotS * naw_racursiva_daf inition 
falsa 
s_stata 
'S_sof t_shotS ' 

w S_sof t__shotS (SCStata S__fsm_stata S_fsm_rst S_£sn\_dalay6 S_f sm_dalayl7 

S_f sm_bothbad S_f*m_bypass S_.soft_.shot S_soft_shot_dal 
S_soft_cnt S_dalay S_instart S_bad_cpuO S_>ad_cpul 
S_rasat_cpuO S_rasat_cpul S_ cpu_bist S_prmn l _f ail 
S_cpuO_fail S_cpul_f ail S_piu_fail) 

= S_sof t_ihot"/ ; 

1st S_soft_shot_dalS ■ naw_racursiva_daf inition 
falsa 
s^stata 

' S_sof t_shot_dalS ' 

"S_so£t_shot_dalS (SCStata S_fsm L _stata S__fsxn_rst S_f sm_dalay6 S_f sm_dalayl7 
S_f sm^bothbad S_f sm_bypaa s S_sof t_shot S_sof t_shot_dal 
S_soft_cnt S_dalay S_instart S_bad_cpuO S_bad_cpul 
S_rasat_cpuO S_rasat_cpul S_cpu_bist S pmm fail 
S_cpuO_f ail S_cpul_£ail S_piu_fail) 

* S_sof t_shot_dal"; / 

1st S_soft_cntS * naw__racursiva_daf inition 
falsa 
s_stata 

'S_soft_cntS * 

"S_soft_cntS (SCStata S_fsnv_stata S_fsm_rst S_f sm__dalay6 S_f 8HL_dalayl7 

s_f saCbothbad s_£ snubypass S_sof t_shot S_sof t_ahot__dal 
S_s o£t_cnt S_dalay S_instart S_bad_cpuO S_bad_cpul 
S_rasat_cpuO S_rasat_cpul S_cpu_bist S_poan_f ail 
S_cpuO_f ail S_crpul_f ail S_piu_fail) 

* S_sof t_cnt' r ; t 

1st S_dalayS = naw_racursiva_daf inition 
falsa 
s_stata 
'S_dalayS ' 

"S_dalayS (SCStata S_£sm_stata S_fsnurst S_fsm_dalay6 S_f sm_dalayl7 

S_f sm_bothbad S_£ snL-bypass S_so£t_ahot S_sof t_shot_dal 
S_so£t_cnt S_dalay S_instart S_bad_cpuO S_bad_cpul 
S_ra»at_cpuO S_rasat_cpul S_cpu_bist S_pmm_f ail 
S_cpuO_f ail S_cpul_f ail S_piu_fail) 

* S_dalay" j ; 

1st S_instartS * naw_ra cur siva_daf inition 
falsa 
s_stata 

'S_instartS' 

"S_ins tarts (SCStata S_fsia_stata S_fsm_rst s_f sn*_dalay6 S_fsm_dalayl7 

S_f sirubot hbad S_f snubypass S_soft_shot S_sof t_shot_dal 
S_soft_cnt S_dalay S_instart S_bad_cpuO S_bad_cpul 
S_rasat_cpuO S_rasat_cpul S_cpu_bist S_pmrn_fail 
S_cpuO_f ail S_crpul_f ail S_piu_fail) 

* S_instart"; j 

1st S_bad_cpuOS = naw_ra curs iva_daf inition 
falsa 
s_stata 
' S_bad_cpuOS ' 

*S_bad_cpuOS (SCStata S_f sn^_stata S_fsm_rst S_f sm^dalayS S_f sm^dalayl7 

S_f sm^bothbad S_f sm_bypasa S_soft_shot S_sof t_shot_dal 
S_soft_cnt S_dalay S_instart S_bad_cpuO S_bad_cpul 


168 



S_rasat_cpuO S_rasat_cpul S_cpu_bist S_pmm_fail 
S_cpuO_fail S_cpul_f ail S_piu_fail) 

» S_bad_cpuO " ; ; 

let S_bad_cpulS = n 0 W_racursiva_daf ini t ion 
falsa 
s_stata 

' S_bad_cpulS ' 

"S_bad_cpulS (SCStata S_fam_*tata S_fam_rst S_fsm_dalay 6 S_f sm_dalayl7 

S_f sm_bothbad s_fsm_bypass S_soft_shot S_sof t_ahot_dal 
S_sof t_cnt S_ da lay S_inatart S_bad_cpuO S_bad_cpul 
S_rasat_cpuO S_ra»at_cpul S_cpu_bist S_pmm_fail 
S_cpuO_fail S_cpul_fail S_piu_fail) 

= S_bad_cpu 1 " ; ; 

let S_rasat_cpuOS = naw_racuraiva_daf inition 
falsa 
s_stata 

'S_ras 0 t_cpuOS' 

"S_rasat_cpuOS {SCStata S_fsm_stata S_fsnurst S_fsm_dalay 6 S_f sm_dalayl7 

S_f sro_bothbad S_fsm_bypass S_soft_shot S_so£t_*hot_dal 
S_soft_cnt S_dalay S_instart S_bad_cpuO S_bad_cpul 
S_rasat_cpuO S_rasat_cpul S_cpu_bist S__pmm_f ail 
S_cpuO_f ail S_cpul_f ail s_piu_fail) 

= s_rasat_cpuO"; j 

lat s_raaat_cpulS = naw_racursiva_daf inition 
falsa 
s_stata 

' S_rasat_cpulS ' 

"S_rasat_cpulS (SCStata s_fsm_stata S_fsm_rst S_fsm^dalay 6 S_f sm_d«l*yl7 

S_f sm_bothbad S_f am_bypass S_soft_shot S_so£t_shot_dal 
S_soft_cnt S_ da lay S_instart S_bad_cpuO S_bad_cpul 
S_rasat__cpuO S_raaat_cpul S_cpu_bist S_pmm_fail 
S_cpuO_f ail S_cpul_fail S_piu_fail) 

= s_rasat_cpul" ; ; 

let S_cpu_bistS = naw_racursiva_daf inition 
falsa 
s.stata 
' S_cpu_bistS ' 

"S_cpu_bistS (SCStata S_fsm_stata S_fsm_rst S_f sm_dalay 6 S_f sm_dalayl7 

S_f «m_bothbad S_fsm_bypass S_soft_shot S_sof t_shot_dal 
S_so£t_cnt S_dalay s_in*tart S_bad_cpuO S_bad_cpul 
S_rasat_cpuO S_ra»at_cpul S_cpu_bist s_pnBB L _fail 
S_cpuO_f ail S_cpul_f ail S_piu_fail) 

= S_cpu_bi s t " ; ; 

lat S_pnnt_f ailS = naw_racursiva_daf inition 
falsa 
s^stata 
/ S_pnBn u _f ails * 

"S _pinm_f ails (SCStata S_fsm_stata S_fsm_rst S_f sm_dalay 6 S_£am u _dalayl7 

S_f em_bothbad S_f sm^bypass S_soft_shot S_sof t_shot_dal 
S_sof t_cnt S_dalay S_instart S_bad_cpuO S_bad_cpul 
S_rasat_cpuO S_rasat_cpul S_cpu_bist S_pmm_f ail 
S_cpuO_f ail S_cpul_f ail S_piu_fail) 

* S_pmm_f ail" / j 

lat S_cpuO_failS = naw_racursiva_daf inition 
falsa 

s.stata 

'S_cpuO_f ailS ' 

"S_cpuO_f ails (SCStata S_fsm_»tata S_fsm_rst S_f snudalay 6 S_f sncdalayl7 

S_f sm_bothbad S_f sm_bypass S_soft_shot S_soft_shot_dal 
S_ao£t_cnt S_dalay S_instart S_bad_cpuO S_bad_cpul 
S_rasat_cpuO S_rasat_cpul S_cpu_bist S_pmm_f ail 
S_cpuO_fall S_cpul_fail S_piu_fail) 

= S_cpuO_f ail"; ; 

lat S_cpul_f ails * naw_ra cur siva_daf inition 
falsa 
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s_stata 

'S_cpul_f ails 4 

"S_cpul_f ails (SCStata S_fsm_»tata S_fsm^rst S_fsm_dalay6 S_£»n^_dalayl7 

S_f »m„bothbad S_f sm^_bypass S_soft_shot S_sof t_shot_dal 
S_soft_cnt S_dalay S_instart S_bad_cpuO S_bad_cpul 
S_rasat_cpuO S_rasat_cpul S_cpu_bist Sjnnu^f ail 
S_cpuO_fail S_cpul_f ail S_piu_fail) 

* S_cpul_f ail" 7 / 

lat S_piu_failS ■ naw_racursiva_daf ini t ion 
falsa 
s_stata 
'S_piu_fails ' 

"S_piu_failS (SCStata S_fsm_stata S_fsnv_rst S_f sm_dalay6 S_f sn^dalayl7 

S_f sm_bothbad S_f sm_bypas s S_soft_shot S_sof t_shot_dal 
S_soft_cnt S_dalay S_instart S_bad_cpuO S_bad_cpul 
S_rasat_cpuO S_rasat_cpul S_cpu_bist S_jpmm_f ail 
S__cpuO_f ail S_cpul_fail S_piu__fail) 

= s_piu_fail"7 ; 

lat Stata_CASBS * 

prova_ca*ai_thm (prova_induction_thm s_stata);/ 

lat Stata_Salactors_Wor)c * prova_thin 
( 'Stata_Salactors_Work ' , 

“\ si*_«tata . 

s * (SCStata ( S_f sn*_stataS s) (S_fsm L _rstS s) (S_f sm 1 _dalay6S s) 

(S_f sm_dalayl7S s) ( S_f sm^bothbadS s) (S_f sn^bypassS s) 

(S_sof t_shotS s) (S_soft_shot_dalS s) (S_soft_cntS s) 

(S_dalayS s) (S_instartS s) (S_bad_cpuOS s) ( S_bad_cpulS s) 
(S_rasat_cpuOS s) (S_rasat_cpulS s) (S_cpu__bistS s) 

(S_pmm_f ails s) (S_cpuO_f ails s) (S_cpul_ffailS s) 

{ S_p iu_f ails •))", 

OBN_TAC 

THEN STRUCT_CASES_TAC (SPEC "s i S.Stata" Stata_CASBS) 

THEN REWRITES AC (S_f sin_stataS; S_fsnL.rstS; S_f snudalayfiS ; S_f am^dalayl7S; 

S_f sm_bothbadS ; S_f sn^bypassS 7 S_sof t_shotS 7 
S_sof t_»hot_dalS7 S_soft_cntS; S_dalayS; S_inatartp; 
S_bad_cpuOS 7 S_bad_cpulSj S_rasat_cpuOS; S_rasat_cpulS/ 
S_cpu_bistS; S_p#nm l _f ails 7 S_cpuO_failS7 S_cpul_failS7 
S_piu_f ails] 

) 7; 


% 

Dafina abstract data typa for tha anvironmant. 


% 


lat s_anv ■ 

daf ina_typa * s_anv ' 

' s_anv * SCEnv booltbool bool#bool bool#bool bool#bool booltbool 
bool# bool booltbool' 7 7 

lat RstB * naw_racrirsiva_daf ini t ion 

falsa 

s_anv 

'RstB' 

"RstB (SCEnv Rst Bypass Tast Ocrh Ocrl PailuraO_ Pailural_) 

« Rst "it 

lat BypassB - aaw_racrursiva_daf inition 

falsa 

s.anv 
'BypassB ' 

"BypassB (SCEnv Rst Bypass Tast Ocrh Ocrl FailuraO_ Failural_) 

■ Bypass " 7 7 

lat TastE * naw_ra cur s iva_da C Inition 
falsa 
s_anv 
'TastE' 

"TastE (SCEnv Rst Bypass Tast Ocrh Ocrl PailuraO_ Pailural_) 

* Tast^ 7 
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let OcrhB * new_recuraive_def inition 
false 
a_env 
'OcrhB ' 

"OcrhB { SCBnv Rat Bypass Teat Ocrh Ocrl PailureO_ Failurel_) 

= Ocrh"; ; 

let OcrlB = new_recursive_def inition 

false 

a_env 
'OcrlB ' 

"OcrlB (SCBnv Rat Bypaaa Teat Ocrh Ocrl PailureO_ Failurel_) 

* Ocrl"/; 

l*t PallureO_B * new_recuraive_def inition 
false 
a_env 

# FailureO_B' 

"FailureO_B (SCBnv Rat Bypaaa Teat Ocrh Ocrl PailureO_ Pallurel_) 

* FailureO_"/; 

let Failurel_B = new_recursive_def Inition 
falae 
•-SUV 

'Failurel_B ' 

*p a ilurel_B (SCBnv Rat Bypass Teat Ocrh Ocrl FailureO_ Failurel_) 
= Failurel_"/; 


let Env_CASBS * 

prove_casea_thm (prove_induction_thm a_env) ; ; 


let Bnv_Selectors_Work = prove_thm 
( 'Bnv_Selectors_Work * , 

" ! e t s_env . 

e ■ (SCBnv (RatB e) (BypasaB e) (TeatB e) (OcrhB e) (OcrlB e) (FailureO_B e) 
(Failurel_B e))", 

GBN_TAC 

THBN STRUCT_CASBS_TAC (SPEC "e r »_env" Bnv_CASBS) 

THEN RZWRITE_TAC [RatB; BypasaB; TeatB; OcrhB; OcrlB; FailureO_B; 

Failurel_B] 


) ; ; 


% 

Define abstract data type for the output. 


let s_out * 

def ine_type # s_out ' 

• *_out * SCOut wordn#wordn bool# bool boolibool bool# bool bool# bool 
bool# bool bool# bool bool# bool bool# bool bool#bool 
bool#bool ' ; ; 

let S_stateO * new_recursive_def Inition 
false 
a_out 
'S_stateO' 

"S_stateO (SCOut S_state Reaet_cport Diaable_int Reaet_piu Reset_cpuO 

R*a«t_cpul Cpu_biat Piu_fail CpuO_fail Cpul_fail Pmm L _fail) 

* S_state" ; ; 

let Reset_cportO * new_recursive_def inition 
false 
a_out 

'Reset_cportO' 

"Reset_cportO (SCOut S_state Reaet_cport Disable_int Reaet_piu Reeet_cpuO 
Reaet_cpul Cpu_bist Piu.fail CpuO.fail Cpul_fail Pmm_fail) 

* Reaet_cport"; ; 

let Disable_intO * new_re cur a ive_def inition 
false 



'Disabla_intO' 

"Disabla_intO (SCOut S_stata Rasat_cport Eisabla_int Rasat_piu Rasat_cpuO 
Rasat_cpul Cpu_bist Piu_fail CpuO_fail Cpul_fail Pmn_fail) 
■ Disabla_int" ; ; 

lat Raaat_piuO * naw_racursiva_def ini t ion 
falsa 
s_out 

'Rasat_piuO' 

"Rasat_piuO (SCOut S_stata Rasat_cport Disabla_int Rasat_piu Rasat_cpuO 

Raaat_cpul Cpu_bist Piu_fail CpuO_fail Cpul_f ail ~Pnm_f ail) 

* Rasat_piu"/ ; 

lat Raaat_cpuOO ■ naw_racursiva_daf ini t ion 

falsa 

B_OUt 

# Rasat_cpuOO ' 

"Rasat_cpuOO (SCOut S_stata Rasat.cport Disabla_int Rasat_piu Rasat_cpuO 
Rasat_cpul Cpu_bist Piu_fail CpuO_fail Cpul_fail Pmnufail) 

* Rasat_cpuO"/ / 

lat Rasat_cpulO = naw_racursiva_dsf inition 
falsa 
s_out 

'Rasat_cpulO' 

"Rasat_cpulO (SCOut S_stata Rasat_cport Disabla_int Ra*at_piu Rasat_cpuO 
Rasat_cpul Cpu_bist Piu_fail CpuO_fail Cpul_fail Pnn\_fail) 
= Rasat_cpul" 7 ; 

lat Cpu_bistO = naw_racursiva_daf inition 

falsa 

s_out 

'Cpu_bistO ' 

"Cpu_bistO (SCOut S_stata Rasat_cport Disabla_int Rasat_piu Rasat_cpuO 

Rasat_cpul Cpu_bist Piu_fail CpuO_fail Cpul_fail Pmm_fail) 

* Cpu_b 1st"; / 

lat Piu_failO * naw_ra cur siva_daf inition 

falsa 

s_out 

'Piu_f ailO' 

"Piu_failO (SCOut S_stata Rasat_cport Disabla_int Rasat piu Rasat_cpuO 

Rasat_cpul Cpu_bist Piu_fail CpuO_fail Cpul_fail Pmn^fail) 

* Piu_fail";/ 

lat CpuO_failO * naw_ra cur siva_daf inition 

falsa 

s_out 

'CpuO_failO ' 

"CpuO_failO (SCOut S.stata Rasat_cport Disabla_int Rasat _j>iu Rasat_cpuO 

Rasat_cpul Cpu_bist Piu_fail CpuO_fail Cpul_fail Pmm_fail) 

= CpuO_f all" ; ? 

lat Cpul_failO * naw_ra cur siva_daf inition 
falsa 
s_out 

'Cpul_failO' 

"Cpul_f ailO (SCOut S_stata Rasat_cport Disabla_int Rasat piu Rasat_cpuO 

Rasat_cpul Cpu_bist Piu_fail CpuO_fail Cpul_fail Psm.fail) 

« Cpul__fail"; i 

lat Pram_failO - naw_ra cur siva_daf inition 
falsa 
s_out 

'Pn*a_failO' 

ailO (SCOut S_stata Rasat_cport Disabla_int Rasat piu Rasat_cpuO 

Rasat_cpul Cpu_bist Piu_fail CpuO_fail Cpul_fail PnnL.fail) 

« Pmr^fail"; / 
lat Out_CASBS - 

prova_casas_thm (prova_induction_thm e_out)j/ 
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let Out_Selectors_Work * prove_thm 
( 'Out_Selectors_Work * , 

" \ p:s_out . 

p * (SCOut (S_etateO p) (Reeet_cportO p) (Disable_intO p) (Reset_piuO p) 
(Reset_cpuOO p> (Reeet_cpulO p) (Cpu_bistO p) (Piu_failO p) 
(CpuO_f allO p) (Cpul_f ailO p) (Pmm_failO p)) w , 

OBN„TAC 

THEN STRUCT_CASKS_TAC (SPEC "pn.out" Out_CASBS) 

THEN RBWRXTE_TAC [S_stateO; Reset_cportO; Disable_intO; Re»et_piuO; 

Reset_cpuOO/ Reaet_cpulO; Cpu_biatO; Piu_failO; 
CpuO_failO; Cpul_failO; Pmm_failO] 


close_theory ( ) ; ; 


% 


File : ablock_def . ml 

Author: (c) D.A. Fura 1992-93 

Date: 4 March 1993 

Thia file contains the ml source for the gate-level specification of the 
startup controller of the PTEP PIU, an ASIC developed by the Embedded 
Processing Laboratory, Boeing High Technology Center. 


■% 


git search path (search path() ® [ ' /home / elvis 6 /df ura/f tep/piu/hol/sucont / ' ; 

• / home /elvisfi/df ura/f tep/piu/hol/lib/ ' ; 

' /home/elvis6 /df ura/hol/ml/ ' ; 

' / home / elvis 6 /dfura /hoi /Library /tools/ ' 

]);; 


aet_f lag ('timing', true)/; 
system 'rm sblock_def . th' / / 
new_theory ' sblock_def ' ; / 
loadf 'aux_def s ' ; ; 

map new_parent [ ' saux_def ' ; ' array_def ' j ' ineq ' ] ; ; 

map load_parent [ 'gates_def 1 ' / ' latches_def ' ; 'f f a_def ' / ' count ers_def ' ; 
' piuaux_de f ' / ' wordn_.de f ' ] ; / 


% 

Input logic for S_soft_shot latch. 


let Scnt_In_GATR - new_def init ion 
( ' Scnt_In_GATE ' , 

"! (gcrh gcrl sof t_shot_±nD soft_cnt_inL : time->bool#bool) . 
Scnt_In_GATB gcrh gcrl sof t_shot_inD soft_cnt_inL * 

! t : time . 

(sof t_shot_inD t = ( ( (-ASeKgcrh t ) ) /\ ASeKgcrl t) ) , 

( ( -BSel (gcrh t)) /\ BSeKgcrl t)))) /\ 

(soft_cnt_inL t * (((-ASeKgcrh t) ) /\ -ASeKgcrl t)), 

( ( -BSel (gcrh t)) /\ -BSeKgcrl t))))" 

);; 


% 

Input logic for S_soft_cnt counter. 


let 


Scnt_Inl_OATB - new_def init ion 
( ' Scnt_Inl_OATE ' , 

*! (sof t_shot_outQ sof t_shot_del_outQ soft_cnt_inU j time->bool#bool) . 
Scnt_Inl_GATB sof t_shot_outQ sof t_shot_del_outQ soft_cnt_inU ■ 

! t : time . 
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soft_cnt_inU t = 

( (ASal (aof t_shot_outQ t) /\ ( -ASal ( aof t_ahot_dal_outQ t))), 

(BSal ( aof t_shot_outQ t) /\ ( -BSal ( aof t_ahot_dal_outQ t)))) w 

);/ 

% 

Input logic for S_dalay countar. 

- - % 


lat Dalay_In_GATE * naw_daf inition 
( ' Dalay_In_GATB ' , 

"l (»cpu»tart raaat_cnt dalay_inR : tima->bool#bool) 

( da 1 ay s t ima - > wordntwordn ) 

Dalay_In_OATE scpuatart dalay raaat_cnt dalay_inR ■ 

! t : tima . 

dalay_inR t * ( (ASal (raaat_cnt t) \/ 

{ ASal { acpuatart t) /\ (ELEMENT (ASal(dalay t)) (6)))), 

(BSal (raaat_cnt t) \/ 

(BSal (acpuatart t) /\ {ELEMENT (BSal (dalay t) ) (6)))))" 

)?; 

% - 

Dalay countar output multiplaxara . 

% 


lat Muxaa_OATB « naw_daf inition 


( 'Muxaa_GATE ' , 

*1 (taat inatart_inD dalayl7 t t ima - >bool#bool ) 
(dalay t tima->wordn#wordn) 


Muxaa_OATE dalay taat 

inatart_inD 

da lay 17 * 




!t:tima . 
(inatart_inD t * 

( ( (ASal (taat t)) 

*> 

ELEMENT 

(ASal (dalay 

t)) 

(5) 



1 

ELEMENT 

(ASal (dalay 

t)> 

(16) 

), 

( (BSal (taat t ) ) 

» 

ELEMENT 

(BSal (dalay 

t)) 

(5) 



1 

ELEMENT 

(BSal (dalay 

t) ) 

(16) 

))) A 

(da lay 17 t « 

( ( (ASal (taat t) ) 

*> 

ELEMENT 

(ASal (dalay 

t)) 

(6) 



1 

ELEMENT 

(ASal (dalay 

t)) 

(17) 

), 

( (BSal (taat t ) ) 

= > 

ELEMENT 

(BSal (dalay 

t) ) 

(6) 



1 

ELEMENT 

(BSal (dalay 

t) ) 

(17) 

)))" 


) ; ; 


% 

Ganaration logic for Diaabla_int output. 

% 


lat Dia_Int_Out_GATE * naw_daf inition 
( ' Dia_Int_Out_GATE ' , 

* ! (inatart normal diaabla_int_in diaabla_int_out t tima->bool#bool) 
(dalay * tima->wordn#wordn) 

Dia_Int_Out_GATB inatart normal dalay diaabla_int_in diaabla_int_out * 
1 t : tima . 

(diaabla_int_out t * 

( (-ASal (inatart t) A 

( -ASal (normal t) \/ - ( ELEMENT (ASal (dalay t) ) (6))) A 

ASal (diaabla__int_in t) ) , 

(-BSal (inatart t) A 

( -BSal (normal t) \/ -(ELEMENT (BSal(dalay t) ) (6))) A 

BSal(diaabla_int_in t))))» 

) ;; 


% 

Input logic for S_bad_cpuO, S_bad_cpul latchaa. 

— % 


lat Bad_Cpu_In_GATB * naw_daf inition 
( ' Bad_Cpu_In_OATK ' , 

* l (normal oparation cpuO_fail cpul_fail bagin : tima->bool#bool) 
(bad_cpuO_inS bad_cpuO_inR bad_cpuO_inE 1 1 ima - >bool#bool ) 
(bad_cpul_inS bad_cpul_inR bad_cpul_inB 1 1 ima- >bool # bool ) . 

Bad_Cpu_In_GATE normal oparation cpuO_fail cpul_fail bagin 
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/\ -ASal (cpuO_£ail t)), 

/\ -BSal ( cpuO_f ail t>)> in 


1 1 1 1 ima . 

lat e_cpuO_aalact * 

(( (ASal (normal t) \/ ASal ( operation t)) 

( (BSal (normal t) \/ BSal (operation t)) 
lat a_cpul_aalact * 

({ -ASal ( cpul_f ail t) /\ 

(ASal (normal t) \/ ASal (operation t)) /\ 

ASal(cpuO_f ail t)), 

( -BSal (cpul_f ail t) /\ 

(BSal (normal t) \/ BS*1 (operation t)) /\ 

BSal (cpuO_f ail t))) in 

( (bad_cpuO_inS t ■ (ASal(bagin t), BSaKbagin t))) /\ 

(bad_cpuO_inR t = a_cpuO_aalact ) /\ 

(bad_cpuO_inB t * 

( (ASal{ a_cpuO_aalact ) \/ A3al(bagin t) ) , 

(BSal { a_cpuO_aalact ) \/ BSal(bagin t)))) /\ 

{ bad_cpul_inS t * ((ASal(bagin t)), (BSaKbagin t)))) /\ 
(bad_cpul_inR t * s_cpul_aalact ) /\ 

(bad_cpul_inE t * 

( (ASal (a_cpul_aalact ) \/ ASal(bagin t)), 

( BSal ( a_cpul_aalact ) \/ BSaKbagin t ) ) ) ) > " 


% - 

Generation logic for local aignala cpuO_ok, cpul_ok. 


lat Cpu_Ok_OATB * naw_daf inition 
( ' Cpu_Ok_OATB 1 / 

* i (cpuO_f ail cpul_f ail failuraO_ failural_ cpuO_ok cpul_ok * tima->bool#bool) 
(aoft_cnt : t ima - >wordn#wordn ) . 

Cpu_Ok_QATE aoft_cnt cpuO_fail cpul_fail failuraO_ failural_ cpuO_ok 
cpul_ok = 


! titima . 

(cpuO_ok t * ( (ASal (cpuO_f ail t) /\ 

ASal (f ailuraO_ t) /\ 

( (ASal(aoft_cnt t)) * WORDN 2 5)), 
(BSal ( cpuO_f ail t) /\ 

BSal(f ailuraO_ t) /\ 

{ (BSal(aoft_cnt t) ) « WORDN 2 5)))) /\ 
( cpul_ok t * ( (ASal ( cpul_f ail t) /\ 

ASal(failural_ t) /\ 

( (ASal (»oft_cnt t)) ■ WORDN 2 5)), 
(BSal(cpul_f ail t) /\ 

BSal (f ailural_ t) /\ 

( (BSal(aoft_cnt t)) - WORDN 2 5))))" 


) ; ; 


% 

Input logic for S pmro fail, S_cpuO_fail, S_cpul_fail/ S_piu__fail latchaa . 


lat Fail_In_GATB - naw_daf inition 
( 'Fail_In_GATB ' , 

*1 (bagin pnan_fail piu_fail bypaaa cpuO_ok cpul_ok : tima->bool#bool) 

(pmm_f ail_inS pmm_f ail_inR pmm_fail_inB cpuO_f ail_inS t tima->bool#bool ) 
(cpuO_fail_inR cpuO_f ail_inB cpul_f ail_inS cpul_f ail_inR : t ima- > bool# bool ) 
(cpul_fail_inB piu_fail_inS piu_fail_inR piu_fail_inH j t ima- > bool #bool) . 
Fail_In_OATB bagin ptnm^fail piu_fail bypaaa cpuO_ok cpul_ok 

pmm_f ail_inS pn*n_f ail_inR pn*n_f ail_inE cpuO_f ail_inS 
cpuO_f ail_inR cpuO_f ail_inB cpul_f ail_inS cpul_f ail_inR 
cpul_fail_inB piu_f ail_inS piu_fail_inR piu_fail_inB » 

1 tit ima . 

(pmm_f ail_inS t - (ASal(bagin t) , BSaKbagin t))) /\ 

(pnm_f ail_inR t * (ASal(pmm_f ail t), BSal (pmm_f ail t))) /\ 

(pmm_fail_inE t * (( (AflaK bagin t)) \/ ( ASal(pimn_f ail t) ) ) , 

((BSaKbagin t)) \/ (BSal (pmm_f all t)))>) /\ 
(cpuO_fail_infl t = (ASaltbagin t) , BSaKbagin t))) /\ 

(cpuO_fail_inR t * (( (ASal( bypaaa t)) \/ (ASal(cpuO_ok t))), 

( (BSal (bypaaa t) ) \/ (BSal (cpuO_ok t ) } ) ) ) /\ 



(cpuO_f ail_inE t * 

( ( (AS*1 (begin t)) \/ (ASal(bypa«* t) ) \/ (ASal ( cpuO_ok t))), 

( (BSsl (bsgin t>) \/ (BSsl (bypass t) ) \/ (BSsl (cpuO_ok t))))> /\ 

(cpul_f ail_inS t * (AS*l(bagin t) , BSsl (bsgin t))) /\ 

(cpul_f ail_inR t * ({ (ASsl (bypass t)) \/ (ASsl (cpul_ok t))), 

( (BSsl (bypass t)) \/ (BSsl ( cpul_ok t ) ) ) ) ) /\ 

(cpul_f ail_inB t * 

(( (ASsl (bsgin t)) \/ (ASsl (bypass t)) \/ (ASsl (cpul_ok t))), 

((BSsl (bsgin t > ) \/ (BSsl (bypass t) ) \/ (BSal (cpul_ok t))))) /\ 

(piu_f ail_iaS t * (ASsl(bsgin t) , BSsl (bsgin t) ) ) /\ 

(piu_f ail_inR t * (( (ASsl (bypass t)) \/ ( ASsl (piu_f ail t)))V 

( (BSsl (bypass t ) > \/ (BSal (piu_f ail t))))) /\ 

(piu_f ail_inE t * 

{( (ASsl (bsgin t)) \/ (ASsl (bypass t)) \/ (ASsl (piu_fail t))), 

((BSsl (bsgin t)) \/ (BSsl (bypass t)) \/ (BSsl (piu_f ail t))))) w 

)// 


% 

Startup-eontrollsr controllsr stats machins . 

- % 


1st FSM_QATB * naw_dsf inition 
( ' FSM_GATE * , 

" ! (rst_in dslayl7_in bothbad_in bypass_in : tins- > bool #bool) 

(dslay_in : t ims->wordn#wordn ) 

(rst dslay6 dslayl7 bothbad bypass : tims->bool) 

(stats * tims->s£sm_ty) 

(statsA_out j t ims- >wordn#wordn) 

(sn_out so_out srcp_out sdi_out *rp_out srcO_out j tims->bool#bool ) 
(•rcl_out spf_out scO£_out scl£_out spmf _out sb_out i t ims- > bool #bool) 
(arc_out ssc_out srs_out scs_out 2 1 ims - >bool#bool ) . 

FSM_QATE r»t_in dslay_in dslayl7_in bothbad_in bypass_in 
stats rst dslay6 dslay!7 bothbad bypass 

statsA_out sn_out so_out srcp_out sdi_out srp_out srcO_out 
srcl_ont spf_out scO£_out sclf_out spnf_out sb_out src_out 
ssc_out sr*_out scs.out • 

1 tttims . 


(stats (t+1) * 


(rst t) 

*> 

SSTART i 



( (stats 

t) 

- SSTART) *> SRA 1 



( (stats 

t) 

= SRA) «> { (delays t) *> ((bypass 

t) «> 

SO 

( (stats 

t) 

» SPF) «> SCOI | 



( (stats 

t) 

- SCOI) *> ( (dslayl7 t) *> SCOF 1 

SCOI) 

1 

( (stats 

t) 

» SCOF) *> ST I 



( (stats 

t) 

» ST) «> sell 1 



( (stats 

t) 

= SC1I) *> ( (dslayl7 t) *> SC1F 1 

sell) 

1 

( (stats 

t) 

» SC IF) •> SS | 



( (stats 

t) 

* SS) *> ((bothbad t) ■> SSTOP 1 SCS) { 


( (stats 

t) 

* SSTOP) «> SSTOP I 



( (stats 

t) 

* SCS) » ( (da lay6 t) 0 SN I SCS) 

1 


( (stats 

t) 

« SN) -> ( (dalayl7 t) «> SO | SN) 

1 SO) 

/\ 

(rst (t+1) 

m ] 

BSal (rat_in t) ) /\ 



(dslay6 (t+1) 

» ELEMENT (BSal (dalay_in t) ) (6)) 

/\ 



(dslayl? (t+1) * BSsl (dslayl7_in t) ) /\ 
(bothbad (t+1) ■ BSsl (bothbad_in t) ) /\ 
(bypass (t+1) * BSsl (bypass_in t) ) /\ 


( sn_out t * 
( so_out t * 
(1st srep ■ 

(srcp_out t 
(1st sdi » 

( sdi_out t 
(1st srp * 


(srp_out t 
(1st sreO 


((stats (t+1) « SN), (stats (t+1) - SN) ) ) /\ 

((stats (t+1) « SO), (stats (t+1) * SO))) /\ 
((-(stats (t+1) - SO) /\ -(stats t - SSTOP)) \/ 
(stats t - SRA) ) in 
- (srep, srep))) /\ 

((-(stats (t+1) - SO) /\ -(stats t « SSTOP)) \/ 
(stats t > SRA)) in 

- (sdi, sdi))) /\ 

((stats (t+1) * SSTART) \/ (stats (t+1) « SRA) \/ 

(stats (t+1) - SCOF) \/ (stats (t+1) * ST) \/ 

(stats (t+1) - SC IF) \/ (stats (t+1) « SS) \/ 

(stats (t+1) ■ SCS ) ) in 

* (srp, srp))) /\ 

* (-(stats (t+1) * SPF ) /\ -{stats (t+1) ■ SCOI) ) in 
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(arcO_out t = (arcO, 
(lat arcl ■ ( - ( st at* 
(arcl_out t * (arcl, 
(lat apf = { ( atata t 


arcO ) ) ) /\ 

(t+1) * ST) /\ - ( atata (t + 1) - SC1I)) in 
•rcl))) /\ 

* SRA) /\ (dalay6 t) 


/\ - ( rat t) ) in 


(■pf_out t a (apf, »pf))) /\ 
(acOf_out t 
(•clf_out t 
( apmf _out t 
{ ab_out t * 

(lat arc 


( (atata ( t+1) 
* ( ( atata (t+1) 
= ((atata (t+1) 
( (atata (t+1) * 


SCOP), (atata (t+1) = SCOP))) /\ 

• SC IF), (atata (t+1) = SC1P) ) ) /\ 

* SO), (atata (t+1) * SO))) /\ 
SSTART), (atata (t+1) * SSTART) ) ) /\ 


( arc. 
( lat 


.out 

•ac 


( aac_out 
(lat ara 


(ara_out t 
(aca_out t 
((lat aO » 
(ALTER 
ARBN 
( 0 ) 

( (atata 

(atata 
( atata 
(atata 

(lat al * 
(ALTER 
aO 

( 1 ) 

( (atata 

(atata 

(atata 

(lat a2 - 
(ALTER 
al 

( 2 ) 

( (atata 

(atata 
(atata 
( atata 

(lat a3 * 
(ALTER 
a2 

(3) 

( (atata 

(atata 

(atata 

(atataA_out t 


((atata (t+1) * SSTART) \/ 

{(atata t * SRA) /\ (dalayfi t) ) \/ (atata (t+l)~= SCOP) 

( atata (t+1) » ST) \/ (atata (t+1) » SC1F) \/ 

(atata (t+1) - SS) \/ ((atata t - SCS) /\ dalay6 t) ) in 

* ( arc , arc ) ) ) /\ 

( ( ~ ( atata (t+1) * SSTOP) /\ -(atata (t+1) * SO)) \/ 
(atata t « SN) ) in 

* (aac , aac) ) ) /\ 

(({atata t - SPF) /\ -rat t) \/ 

((atata t * ST) /\ -rat t)) in 
= (ara, ara) ) ) /\ 

« ((atata (t+1) * SCS), (atata (t+1) « SCS))) /\ 


\/ 


(t + 1) 
(t+1) 
(t+1) 
(t+1) 


(t+1) 

(t+1) 

(t+1) 


(t+1) 

(t+1) 

(t+1) 

(t+1) 


(t+1) 
(t+1) 
(t+1) 
■ (a3 , 


SRA) \/ (atata (t+1) * SPP) \/ 
ST) \/ (atata (t+1) * SClI) \/ 
SCS) \/ (atata (t+1) * SN) \/ 
SO) ) ) in 


SPP) \/ (atata (t+1) * SCOI) \/ 
SCOP) \/ (atata (t+1) * ST) \/ 
SSTOP) \/ (atata (t+1) * SO))) 


in 


SCOP) 

sell) 


( atata 

( atata 


(t+1) 
(t + 1) 


SS) 

SCS 


\/ 

m 


( atata 

in 


(t+1) 


« SS) \/ (atata (t+1) : 

* SCS) \/ (atata (t+1) 

* SO) ) ) in 
a3 ))))))) " 


* ST) \/ 

« SC IF ) \/ 

SSTOP) \/ 


SSTOP) \/ 
■ SN) \/ 


)?; 


% 

Startup controllar block. 


lat SBloc)c„QATK * naw_daf inition 
( ' SBlock_OATE ' , 

" j (a t tima->a_atata) (a : tima->a_anv) (p i tima->a_out ) 

SBlock_OATE a a p a 
! tttima . 

? (£anud«l*yl7 fam_bothbad fam_an fanu*© fam_adi t tiaa->bool#bool) 
(fanv_arc0 fam_arcl fam_apf fam^acOf j tima->bool#bool) 

(fam_apmf fanu*b fanfare £am_aac faia_*ra fam_»ca : tima->bool#bool) 

(NC aof t_ahot_inD aof t_ahot_outQ aof t_ahot_dal_outQ : tima->bool#bool) 
(aof t_cnt_inL aoft_cnt_inU : tima->bool#bool) 

(dalay_inR inatart_inD t tima->bool#bool) 

( inatart_outQ bad_cpuO_inS bad_cpuO_inR bad_cpuO_inE t tima->bool#bool) 
(bad_cpuO_outQ raaat_cpuO_inD bad_cpul_inS : t ima->bool#bool) 
(bad_cpul_inR bad_cpul_inB bad_cpul_outQ i t ima->bool#bool) 
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(raaat_cpul_inD cpu_biat_inD cpuO_ok cpul_ok : tima->bool#bool ) 

(pmm_f ail_inS pn®cv_f ail_inR pmm^f ail_inE cpuO_fail_inS j t lm« - >bool#bool ) 
(cpuO_fail_inR cpuO_f ail_inB cpul_f ail_inS t tima->bool#bool } 
(cpul_fail_inR cpul_f ail_inB piu_f ail_inS : tima->bool#bool ) 

(piu_f ail_inR piu_fail_inB : tima->bool#bool ) 

(dalay_outQ *of t_cnt_outQ : t ima->wordn#wordn) . 

( Scnt_In_GATB {aig GcrhE a) (aig OcrlS •) aof t_ehot_inD aoft_cnt_inL) /\ 
(DLatA_GATB aof t_ahot_inD (aig S_aoft_ahotS a) aof t_ahot_outQ) /\ 
(DFFA_OATB aof t_ahot_outQ ( aig S_aof t_ahot_dalS a) aof t_ahot_dal__outQ) /\ 
( Scnt_Inl_GATK aof t_ahot_outQ aof t_ahot_dal_outQ aof t_cnt_inu) /\ 

( UpRCnt A_GATB 2 (GNDN 2) aof t_cnt_inL aof t_cnt_inU fam_ara 
(aig S_aoft_cntS s) aof t__cnt_outQ NC) /\ 

(D«lay_In_OATE fam_*ca dalay_outQ fam_*rc delay_inR) /\ 

( UpRCnt A_GATB 17 (GNDN 17) GND £am_aac dalay.inR (aig S_dalayS a) 
dalay_outQ NC) /\ 

( Mux a s_GATB dalay_outQ {aig TaatB •) inatart_inD f anudalayl7 ) /\ 

( DLat A_GATB inatart_inD (aig S_inatartS a) inatart_outQ) /\ 
(Dia_Int_Out_GATR inatart_outQ fam_an dalay_outQ fam_adi 
(aig Diaabla_intO p) ) A 

(AND2_GATB (aig Cpu0_failO p) (aig Cpul_failO p) f am_bothbad) /\ 

( Bad_Cpu_In_GATB fam^an fam_ao (aig CpuO_failO p) (aig Cpul_failO p) 
fam_ab bad_cpuO_inS bad_cpuO_inR bad_cpuO_inB 
bad_cpul_iaS bad_cpul_inR bad_cpul_inE ) / \ 

( DSRBLat B_GATB GOT) bad_cpuO_inS bad_cpuO_inR bad_cpuO_inE 
(aig S_bad_cpuOS a) bad_cpuO_outQ) /\ 

(DSRELatB_GATB GND bad_epul_infl bad_cpul_inR bad_cpul__inB 
(aig S_bad_cpulS a) bad_cpul_outQ) /\ 

(AND2_GATK bad_cpuO_outQ fam_arcO raaat_cpuO_inD ) /\ 

(AND2_GATB bad_cpul_outQ f am_arcl raaat_cpul_inD) / \ 

(DLatB_GATB raaat_cpuO_inD (aig S_raaat_cpuOS a) (aig Raaat_cpuOO p) ) A 
(DLatB_GATB raaat_cpul_inD (aig S_raaat_cpulS a) (aig Raaat_cpulO p) ) /\ 
(AND3_OATB (aig Raaat_cpuOO p) (aig Raaat_cpulO p) (aig BypaaaB •) 
cpu_biat_inD) / \ 

( DFFB_GATB cpu_biat_inD (aig S_cpu_biats a) (aig Cpu_biatO p) ) /\ 
(Fail_In_GATB fam_ab f am_spmf fam^apf (aig BypaaaB a) cpuO_ok cpul_ok 
pmxn^f ail_inS pnnn_f ail_inR pmm_f ail_inB cpuO_f ail_inS 
cpuO_Cail„ixxR cpuO_f ail_inE cpul_fail_inS cpul_f ail_inR 
cpul_f ail_inB piu_fail_inS piu_f ail_inR piu_f ail_inE) /\ 

( DSRBLatB_GATB GND pmm_f ail_inS pmn_£ail_inR pmm_f ail_inB 
(aig S_pnm^failS a) (aig Pmn^failO p) ) /\ 

( DSRBLat B_QATB GND cpuO_f ail_inS cpuO_fail_inR cpuO_f ail_inB 
(aig S_cpuO_failS a) (aig CpuO__£ailO p) ) A 
( DSRBLat B_OATB GND cpul_f ail_inS cpul_fail_inR cpul_£ail_inE 
(aig S_cpul_CailS a) (aig Cpul_failO p) ) A 
( DSRBLat B_OATB GND piu_fail_inS piu_fail_inR piu_fail_inB 
(aig S_piu_failS a) (aig Piu_failO p) ) A 
(Cpu_Ok_GATB aof t_cnt_outQ fam^acOf fam^aclf (aig FailuraO_B a) 

(aig Fallural_B a) cpuO_ok cpul_ok) /\ 

( FSM_GATB (aig RatB a) da lay-out Q fam_dalayl7 £am_bothbad (aig BypaaaB a) 
(aig S_fam^atataS a) (aig S_fam^ratS a) (aig S_f an\_dalay6S a) 
(aig S_f am_dalay 17 S a) (aig S_f anubothbadS a) 

(aig S_f am_bypaaaS a) (aig S_atataO p) fam_an fam_ao 
(aig Raaat_cportO p) fan^adi (aig Raaat_piuO p) fam_arcO 
fam_arcl faxn_ap£ fan*_acOf faw_aclf f am_apmf fam_ab fam_arc 
fam_aac fam_ara fam^aca)" 


lat SBlock - aava_thzn {'SBlock', SBlock_GATB) ; ; 

lat SBlock_BXP * aava_thm 
( ' SBlock_BXP ' , 

(BBTA_RULB 

(RBWRITB_RDLB [ Scnt_In_OATB ; Scnt_Inl_OATB / Dalay_In_GATB ; Muxaa_GATK ; 

D i a_Int_Out_GATB ; KXP AND_LB T_RU LB ( Bad_Cpu_In„aATB ) ; 
Fail_In_OATB ; Cpu_Ok_GATB / BXPAND_LBT_RDLB ( FSM_GATB ) ; AND2_GATB / 
AND3_GATB ; DLat A_GATB ; DLatB_GATZ ; DSRBLat B_QATB j DFFA_GATB ; 
DFFB_GATB ; UpRCnt A_GATB ; ASal ; BSal ; GND ; QNDN j a ig] 

(SPEC_ALL SBlock_GATB) ) ) 

);; 

cloaa_thaory ( ) ; ; 
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Film: 


sclock_daf .ml 


Author : (c) D.A. Fur*. 1992-93 

Data : 4 March 1993 

This fila contains tha ml sourca for tha clock-laval spacif ication of tha startup 
controllar of tha FTBP PIU, an ASIC davalopad by tha Brabaddad Procassing 
Laboratory, Boaing High Tachnology Cantar. Tha bulk of this coda was translatad 
from an M-languaga simulation program using a translator writtan by P.J. Windlay 
at tha Univarsity of Idaho. 

% 


sat_saarch_path (saarch_path( ) « [ ' /hcm*/alvis6/dfura/f tap/piu/hol/lib/ ' ; 

' /homa/alvis6/dfura/f tap/piu/hol/sucont / ' / 

' /homa/alvis6/dfura/hol/ml/ ' ; 

' /homa/alvis 6 /dfura/hol /Library/ tools/ ' 
]);; 


systam ‘ rm sclock_daf . th' / ; 
naw_t haory # s c lock_da f ' / / 
loadf 1 aux_da f s ' ; / 

map naw_parant [ 'piuaux_daf ' ; ' saux_daf ' ; ' array_daf ' ; * wordn_daf ' ; ' inaq ' ] ; ; 

naw_typa_abbr a v ( ' t imaC * , " t num" ) ; ; 

lat ASal * dafinition 'piuaux_daf ' 'ASal'/; 
lat BSal * dafinition 'piuaux_daf' 'BSal';/ 
lat RSTN » dafinition ' wordn_daf ' ' RSTN ' ; ; 

% 

Naxt-stata dafinition for SU-Cont instruction. 


lat SC_NSF * naw_daf inition 
( ' SC_NSF ' , 

" \ (s : s_stata) (a : s_anv) . 

SC_NSF s a * 

lat S_fsnu*tata = S_fsm_stataS s and 
S_fsm^rst > s_fsm_rstS s and 
S_fsm_d*lay6 ■ S_f sm^dalaySS s and 
S_fsm_dalayl7 - S_f sm^dalayl7S s and 
S_f »m_bothbad = S_f sm^bothbadS s and 
S_fsm_bypass * s_f snubypassS s and 
S_soft_shot * s_soft_*hotS s and 
S_sof t_shot_dal * S_sof t_shot_dalS s and 
S_soft_cnt * S_soft_cntS s and 
S_dalay « S_dalayS s and 
S_instart * s_instarts s and 
S_bad_cpuO * S_b*d_cpuOS s and 
S_bad_cpul * S_bad_cpulS s and 
S_rasat_cpuO * s_rasat_cpuOS s and 
S_rasat_cpul * S_r*s*t_cpulS s and 
S_cpu_bist * s_cpu_bists s and 
S_pmm^fail = S_pnat_£*il s • * nci 

S cpu 0 fail = S__cpuQ„f ails s and 

S_cpul_f ail « S_cpul_failS s and 
S_piu_f ail * S_piu_f ails s in 
lat Rst ■ RstB a and 

Bypass - BypassB a and 
Tast * TastB a and 
Ocrh = OcrhB a and 
Ocrl * OcrlB a and 


179 



Failura0_ « FailuraO_E a and 
Failural_ * Failural_E a in 
lat naw_S_f am^atata « 

(S_f»nL_r*t »> SSTART | 

(S_f am_atata * SSTART) *> SRA I 
(S_f am_atata * SRA) ■> 

(S_fa©_dalay 6 -> (S_£am_bypasa *> SO | SFF) I SRA) I 
(S_f am^atata - SPF) *> SCOI | 

(S_fam_atata * SCOI) .> (S_f anudalayl7 => SCOF | SCOI) | 

(S_f am_atata - SCOF) «> ST | 

(S_f»nu«tat* - ST) «> SC1I | 

(S_fam_atata « SC1I) *> {S_f am_dalayl7 »> SC1F I SC1I) | 

(S_f ajn_atata - SC1F) *> SS | 

(S_f am_atata ■ SS) «> (S_f am_bothbad *> SSTOP | SCS) I 
(S_f»m_*tata * SSTOP) => SSTOP | 

(S_fanu*tata * SCS) *> (S_f am^dalayfi *> SN | SCS) | 

(S_f am_atata * SN) => (S_f am^dalayl7 => SO | SN) | SO) in 
lat * (naw_S_f anuatata * SN) in 

lat a_fam_ 0 o ■ (naw_S_f am^atata * SO) in 

lat a_fam_arcp * ( ( ( ~ (naw_S_f am_*tata ■ SO)) A {- (S_f anu«tata ■ SSTOP))) 
\/ (S_£am_atata ■ SRA)) in 

lat a_fam_adi = ( ( ( - (naw_S_£am_atata * SO}) /\ ( - (S_£anv_atata * SSTOP) ) } 
\/ (S_£am L _atata - SRA) ) in 

lat a_f ann_arp * ( (naw_S_f axtv_*tata - SSTART) \/ (naw_S_f am_atata - SRA) 

\/ (naw_S_f asL_atata * SCOF) \/ (naw_S_f am^atata ■ ST) 

\/ (naw_S_f anv_atata ■ SC1F) \/ (naw_S_f am^atata * SS) 

\/ (naw_S_f am_atata * SCS) ) in 

lat 0 _fanu«rcO ■ ( (- (naw_S_f am^atata * SPF)) 

/\ (- (naw_S_f am^atata * SCOI))) in 
lat a_fanL_arcl « ( (- (naw_S_£anv_atata ■ ST)) 

A (~ (naw_S_f am^atata * SC1I))) in 

lat a_£am^ap£ - ( (S_fanu«tata * SRA) /\ S_fan^dalay 6 /\ ~S_f am_rat ) in 

lat 0 _f 0 m_»cOf « (naw_S_f an^atata * SCOF) in 

lat a_fanu»cl£ » (naw_S_f anuatata * SC1F) in 

lat 0_f0m_«pntf * (naw_S_f am^atata « SO) in 

lat 0 _f 8 ai_ 0 b m (naw_S_f ara^atata * SSTART) in 

lat a_fam_arc * ( (naw_S_£anuatata « SSTART) 

\/ { (S_f am_» tata « SRA) A S_f am_dalay 6 ) 

\/ (naw_S_f am_atata * SCOF) \/ (naw_S_f am_atata ■ ST) 

\/ ( naw_S_£ am_a tata * SClF) \/ (naw_S_f aa^atata * SS) 

\/ ( (S_£am_*tata - SCS) A S_f am^dalayfi) ) in 
lat a_fanv_»*c * ( ( ( - (naw_S_f am_atat* * SSTOP)) /\ 

(~ (naw_S_f am_atata * SO))) \ / (S_f am_atata « SN) ) in 
lat a_£ain_ara « ( ( {S_fam_atata * SPF) A ~S_f am_rat ) 

\/ ( (S_£am L _»tata * ST) /\ -S_fam_rat) ) in 
lat a_faiq_ 0 C 0 * (naw_S_f am^atata s SCS) in 
lat naw_S_eoft_ahot • (-ASal(Qcrh) /\ ASal(Ocrl)) in 
lat naw_S_aof t_ahot_dal * naw_S_aof t_ahot in 
lat 0 _aoft_cnt_out » 

( (naw_S_aoft_ahot_dal A -S_aof t_ahot_dal) 

«> ( INCN 2 S_ao£t_cnt) 

I S_aoft_cnt) in 
lat naw_S_aof t_cnt ■ 

( ( a_Cam L _ara) ■> (WORDN 2 0) I 

(-BSal(Ocrh) /\ -BSal(Ocrl)) -> (RSTN 2) | a_aof t_cnt_out ) in 

lat a_dalay_out « 

( (a_fain_aac) *> (INCN 17 S_ dalay) | S_dalay) in 
lat naw_S_dalay ■ 

( ( a_f am_arc \/ (a_£anu«ca /\ (ELEMENT ( a_dalay_out ) ( 6 )))) 

*> (WORDN 17 0) 

I a_dalay_out ) in 
lat naw_S_inatart ■ 

( (ASal(Taat) ) 

-> (ELEMENT a_dalay_out (5)) 

I (ELEMENT a_dalay_out (16))) in 
lat a_cpu 0 _ok * 

(a_f am_ac0f /\ BSal (Failura0_) /\ ( a_aof t_cnt_out - (WORDN 2 5))) in 
lat a_cpul_ok - 

(a_fam_aclf /\ BSal (Failural_) /\ ( a_aof t__cnt_out * (WORDN 2 5))) in 
lat naw_S_pnm_f ail - 

( ( a_f am^ab \ / a_£ am_apmf ) 

■ > ( (a_£anu»b A -a_f am_apmf ) => T I 
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ARB) 


( -s_f sm_sb /\ s_f sm_spmf ) *> P I 
( -s_f sm_sb / \ ~s_f sm_spmf ) *> P I ARB) 

I S __pnun_f ail) in 
lat naw_S_cpuO_f ail * 

((s_fsnu«b \/ BSal (Bypass) \/ s_cpuO_ok) 

*> ( ( s_f sm_sb /\ - {BSal (Bypass ) \/ s_cpuO_ok) ) «> T I 

(~s_fsm_sb /\ (BSal (Bypass ) \/ s_cpuO_ok) ) => P I 

( -s_f sm_sb /\ - (BSal (Bypass) \/ s_cpuO_ok) ) ■> P I 
I S_cpuO_£ail) in 
lat naw_S_cpul_f ail = 

( (s_fsm_sb \/ BSal (Bypass ) \/ s_cpul_ok) 

»> ( (s„fsm_sb /\ -(BSal (Bypass) \/ s_cpul_ok) ) «> T I 
( -s_f sm_*b /\ (BSal (Bypass) \/ s_cpul_o)c) ) *> P I 
( -s_£sm_sb /\ - (BSal (Bypass) \/ a_cpul_ok) ) *> P I ARB) 

| S_cpul_fall) in 
lat naw_S_piu_f ail * 

{ (s_fsm_sb \/ BSal (Bypass ) \/ s_fsm_spf) 

*> ( (s_f sm_sb /\ - (BSal (Bypass) \/ s_fsm_spf)) «> T I 

( -s_f sm_sb /\ (BSal (Bypass ) \/ s_fsnu*pf ) > *> * I 

(~s_fsm_sb /\ - (BSal (Bypass) \/ s_fsm^spf>) => F I ARB) 

| S_piu_fail) in 

lat s_cpuO_salact * ( (s_fsm_sn \/ s_fsm_so) /\ ~naw_S_cpuO_f ail) in 

lat a_cpul_salact = 

( ~naw_S_cpul_f ail /\ (s_fsm_sn \/ s_fsnuso) /\ naw_S_cpuO_f ail) in 
lat naw__S_bad_cpuO » 

( (s_cpuO_salact \/ s_fsm_sb) 

■> ((a_fsm_ab /\ -s_cpuO_salact ) *> T I 
( -s_£sm_sb /\ s_cpuO_salact ) «=> P 1 
(-s_fanL_sb /\ -a_cpuO_salact ) *> F I ARB) 

| S_bad_cpuO ) in 
lat naw_S_bad_cpul * 

( (s_cpul_salact \/ s__fsnusb) 

*> ( (s_£sm_sb /\ -s_cpul_salact) *> T I 
( -s_f anv_sb /\ s_cpul_salact ) ■> P I 
( ~s_f sm_sb /\ -s_cpul_salact ) *> F I ARB) 

| S_bad_cpul) in 

lat naw_S_rasat_cpuO » ( naw_S_bad_cpuO /\ a_fsnu*rcO) in 
lat naw_S_rasat_cpul » (naw_S_bad_cpul /\ s_fsm_»*“ c l> in 
lat naw_S_cpu_bist « 

(S_rasat_cpuO /\ S_rasat_cpul /\ ASal (Bypass ) ) in 
lat naw_S_f sm_*st = BSal(Rst) in 

lat naw_S_f sm_dalay6 * (ELEMENT s_dalay_out (6)) in 
lat naw_S_f snu<i«l»y i 7 * 

( (BSal(Tast) ) 

■> (ELEMENT s_dalay_out (6)) 

| (ELEMENT s_dalay_out (17))) in 
lat naw_S_f s«0>othbad * (naw_S_cpuO_f ail /\ naw_S_cpul_f ail) in 
lat naw_S_f snc^bypass * BSal (Bypass) in 

(SC St at a naw_S_£ sm_s t at a naw_S_f sm_rst naw_S_f sm_dalay6 naw_S_f sm_dalayl7 
naw_S_f sn\_bothbad naw_S_f sm_bypas s naw_S_sof t_shot 
naw_S_soft_shot_dal naw_S_sof t_cnt naw_S_dalay naw_S_instart 
naw_S_bad_cpuO naw_S_bad_cpu 1 naw_S_rasat_cpuO naw_S_rasat_cpul 
naw_S_cpu_bist naw_S_pmm_f ail naw_S_cpuO_f ail naw_S_cpul_f ail 
ne w_S_p iu_ fail)" 


lat SClockNSF_REW * sava_thm 
( 'SClockNSP_REW' , 

( REWRITE_RULE [ASal / BSal/ RSTN] SC_NSF) 

);; 


% 

Output dafinition for SU-Cont instruction. 


lat SC_OF * naw_daf ini t ion 
( ' sc_OF ' , 

" ! (s t s_stata) (a :s_anv) . 

SC_OF s a « 

lat S_fsm_stata » S_f snustataS s and 
S_fsm^rst * s_fsm_rstS s and 
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S_£am_dalay6 * S_£ ■m_d*lay6S a and 
S_£am_dalayl7 ■ S_£am_dalayl7S a and 
S_f am_bothbad ■ S_f »m_bothbadS ■ and 
S_£ *m_bypa*» - S_£ »m_bypaaaS a and 
S_aoft_ahot * S_ao£t_ahotS a and 
S_aof t_ahot_dal * S_ao£t_ahot_dalS a and 
S_aoft_cnt m s_aoft_cnt S a and 
S_dalay = S_dalayS a and 
S_inatart ■ S_inatartS a and 
S_bad_cpuO * S_bad_cpuOS a and 
S_bad_cpul * S_bad_cpulS a and 
S_raaat_cpuO * S_raaat_cpuOS a and 
S_raaat_cpul * S_raaat_cpulS a and 
S_cpu_biat » S_cpu_biatS a and 
S_pmm_f ail = S_pmm_f ails a and 
S_cpuO_fail = S_cpuO_failS a and 
s_cpul_fail * S_cpul_failS a and 
S_piu_fail x s_piu_failS a in 
lat Rat * RatB a and 

Bypaaa = BypaaaB • and 
Taat x TaatS a and 
Gcrh x GcrhE a and 
Ocrl = GcrlB a and 
FailuraO_ « FailuraO_B a and 
Failural_ x Failural_B a in 
lat naw_S_f aiiL_*tata ■ 

(S_£am_rat *> s START | 

(S_fanu«tata * SSTART) ■> SRA | 

(S_£ any_atata x SRA) x> 

(S_f •m_dalay6 x> (S_f anL_bypaaa *> SO | SPF) I SRA) I 
(S_£am_atata x SPF) ■> SCOI I 

(S_fam_»tata x SCOI) x> (S_f am_dalayl7 «> SCO? I SCOI) | 
(S_£am_atata = SCOF) x> ST | 

( S_£ im_ftata x ST) x> sell | 

(S_fam_atata x sell) x> (S_£anudalayl7 x> SC1F | sell) | 
(S_£am_atata * SC1F) x> ss j 

(S_fam_atata * SS) «> ( S_f anubo t hbad ■> SSTOP | SCS) | 

{s_fam_»tata x sstop) *> sstop | 

(S_£am_atata ■ SCS) x> (s_f am_dalay6 x> SN i SCS) | 

{ S_£ am_atata » SN} x> {s_f am^dalayl7 «> SO | SN) I SO) in 
lat a_fa»_»a * {naw_S_f an^atata * SN) in 
lat a^fam^o x (naw_S_£ anu»tata = SO) in 
lat a_fan l _arcp * ( ( ( - {naw_S_f an*_atata * SO)) /\ 

( - (S_£ ax^_atata x SSTOP))) 

\/ (S_f am^atata * SRA)) in 
lat a_fam_»di * ( < { - (naw_S_£ am_atata » SO)) /\ 

{-(S.fam^atata ■ SSTOP))) 

\/ (S_fam^atata - SRA) ) in 

lat a_fanL.*rp * ( (naw_S_f an^atata * SSTART) \/ (naw_S_f an*_*tata * SRA) 
\/ (naw_S_f am_atata x SCOF) \/ (naw_S_f aj*_atata • ST) 

\/ (naw_S_fasi_atata * SClF) \/ (naw_S_£anv_atata * SS) 

\/ <naw_S_£ »m_atata x SCS) ) in 

lat a_fain_arcO « ( ( - (naw_S_f am^atata x SPF)) 

/\ ( - (naw_S_f am^atata x SCOI))) in 
lat a_fanu»rcl . {{- (naw_S_f am^atata * ST)) 

/\ (- (naw_s_f am^atata x sell))) in 

lat a_£aiA_»p£ = ( (S_£am_atata * SRA) /\ S_£anL_dalay6 /\ -S_f am^rat ) in 

lat a_£ao^acO£ * (naw_s_f am_atata * SCOF) in 

lat a_fanu»clf * (naw_S_£am_atata x SClF) in 

lat a_f an^apmf * (naw_S_f am_atata x so) in 

lat a_fam^ab x (naw_S_£ant_atata x SSTART) in 

lat a_£anu*rc ■ ( (naw_S_f anu»tata * SSTART) 

\/ ( (S_fam_atata x SRA) /\ S_£am_dalay6) 

\/ (naw_S_£anv_»tata x SCOF) \/ (naw_S_fain_atata = ST) 

\/ (naw_s_£am_atata x SClF) \/ (naw_S_fan*_atata x ss) 

\/ { (S_farn_*tata * SCS) /\ S_£an*_dalay6) ) in 
lat a.fauLaac ■ ( U - (naw_S_£an*_»tata x SSTOP)) /\ 

(- (naw_S_£am_atata ■ SO))) \/ (S_£an*_atata x SN) ) in 
lat a_£anc«ra x ( ( (S_fam_atata x SPF) /\ ~S_f am^rat } 

\/ ( (S_f a*n_*tata ■ ST) /\ -S_£anLrat) ) in 

lat a_fam_*c» x (naw_S_fam_atata « SCS) in 
lat naw_S_aof t_abot x < -ASal (Oerh) /\ ASal(Ocrl)) in 
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lat naw_S_aof t_ahot_dal * naw_S_sof t_ahot in 
lat a_aof t_cnt_out ■ 

( (nav_S_aoft_ahot_dal /\ ~S_aof t_ahot_dal) 

=> (INCN 2 S_aoft_cnt) 

| s_aof t_cnt ) in 
lat naw_S_ao£t_cnt * 

( (s_f»iti_»r«) «=> (WORDN 2 0) | 

(-BSal(acrh) /\ -BSal (Ocrl ) ) => (RSTN2) I a_aof t_cnt_out ) in 
Imt a_dalay_cmt * 

((a_fam_Bac) *> (INCN 17 S_dalay) I S_dalay) in 
Imt naw_S_dalay * 

( (a_fa®_* rc \/ (a_fanuaca /\ { BLRMBNT a_dalay_out (6)))) 

«> (WORDN 17 0) 

| a_dalay_out) in 
lat naw_S_inatart = 

( (ASal(Taat) ) 

«> (BLRMBNT a_dalay_out (5)) 

| (BLRMBNT a_dalay_out (16))) in 
lat a_cpuO_ok. * 

(a_£am_8c0f /\ BSal (PailuraO_) A ( a_aof t_cnt_out = (WORDN 2 5))> in 
lat s_cpul_ok * 

( a_f am^aclf /\ BSal (Pailural_) /\ ( e_aof t_cnt_out * (WORDN 2 5))) in 
lat naw_S_pmnuf ail * 

( (a_f»nu«b \/ *_fain_»pnif ) 

m> ((a_fanu*b /\ -a_£am_»pm£ ) => T I 

( ~a_f am_ab /\ a_f anuipiaf ) *> P I 
( ~a_f am_ab A -a_fam_apmf) => P I ARB) 

| S_pmm L _f in 

lat naw_S_cpuO_f ail * 

((a_fsm_»b \/ BSal (Bypaaa ) \/ s_cpu0_ok) 

*> ( ( a__f sm_ab /\ - (BSal (Bypaaa ) \/ a_cpu0_ofc} ) => T I 

( -a_f am_ab /\ (BSal (Bypaaa ) \/ a_cpu0_ofc) ) *> P I 

{-a_f am_ab /\ - (BSal (Bypaaa) \/ a_cpu0_o)c) ) «> P I ARB) 

I S_cpuO_fail) in 
lat naw_S_cpul_f ail * 

(<a_fam_ab \/ BSal(Bypaaa) \/ a_cpul_ok) 

= > ((8_CanL.ab /\ - (BSal (Bypaaa ) \/ s_cpul_ok) ) => T I 

(-a_f am_ab /\ (BSal (Bypaaa ) \/ a_cpul_ok) ) «> F I 

{ ~»_f ani_*b /\ - (BSal (Bypaaa) \/ a_cpnl_ok) ) *> P I ARB) 

| S__cpul_f ail) in 
lat naw_S_piu_f ail * 

((•_f«n_»b \/ BSal (Bypaaa ) \/ a_fanuapf> 

s > ({a_fanu*b /\ - (BSal (Bypaaa ) \/ a_fam_»pf)) ■> T I 

(-a_fanu»b A (BSal (Bypaaa) \/ a_fam_*pf)> *> F I 

(-alfanuab /\ - (BSal (Bypaaa ) \/ a_£am^ap£)) *> F I ARB) 

| S_piu_fail) in 

lat a_cpuO_aalact * ((a_fam_m \/ a_fanv_ao) A -naw_S_cpuO_f ail ) in 
lat a_cpul_aalact * 

( -naw_S_cpul_f ail A (a_fam^*a \/ a_fam_ao) /\ naw_S_cpuO_f ail ) in 
lat naw_S_bad_cpuO « 

( (a_cp\iO_aalact \/ a_f am_ab) 

»> ( (a_fanu»b /\ -a_cpuO_aalact ) *> T | 

(~a_fam_*b A a_cpuO_aalact ) *> F I 
(~a_fanu»b /\ -a_cpuO_aalact ) «> F I ARB) 

l S_bad_cpu0 ) in 
lat naw_S_bad_cpul = 

( (a_cpul_aalact \/ a_£am_ab) 

-> ((a_£am^ab /\ -a_cpul_aalact ) «> T | 

( -a_f am_ab /\ a_cpul_aalact ) ■> F i 
(-a_£am_ab A -a_cpul_aalact) *> F I ARB) 

| S_bad_cpul ) in 

lat naw_S_ra a at_cpu0 * (naw_S_bad_cpuO A a_fam_arcO) in 
lat naw_S_ra a a t _cpu 1 - ( naw_S_bad_cpul A a_fain_»rcl) in 
lat naw_s_cpu_biat * 

( S_raaat_cpuO /\ S_raaat_cpul /\ ASal (Bypaaa ) } in 
lat naw_S_f am_rat ■ BSal (Rat) in 

lat naw_S_f am_da 1 ay 6 - (BLRMBNT a_dalay_out (6)) in 
lat naw_S_f am_dalayl7 * 

( (BSal(Taat) ) 

.> (BLRMBNT a_dalay_out (6)) 

| (BLRMBNT a_dalay_out (17))) in 
lat naw_S_fam_bothbad - (naw_S_cpuO_f ail /\ naw_S_cpul_f nil) in 
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lat naw_S_f sm_bypaa» * BSal(Bypaaa) in 


lat aaO * 
(ALTER 
ARBN 


(0) 

( (naw_S_£ am_atata 
(n«w_S_f 

( naw_S_f am_atata 
( naw_ s_£ m a t a t • 
lat sal ■ 

(ALTER 

■ 80 


SRA) \/ (naw_S_f as^atata * SPF) \/ 
ST) \/ (naw_S_fain_Btata - SC1I) \/ 
SCS) \/ (naw_S_f am_atata » SN) \/ 
SO) ) ) in 


( 1 ) 

( (naw_S_f anv_atata 
( naw_S_£ am^at at a 
(naw_S_f am_atata 
lat mm 2 * 

(ALTER 

•■1 

( 2 ) 

( (naw_S_£a®_atata 
( naw_S_ f a bl. • t a t a 
(naw_S_£ am__»tat« 
(naw_S_£am_atata 
lat »a3 * 


SPP) \/ (naw_S_fani_atata = SCOI) \/ 
SCOP) \/ (naw_S_f am_stata * ST) \/ 
SSTOP) \/ (naw_S_f am.atata » SO))) in 


SCOP) \/ (naw_S_£am_atata s ST) \/ 
SC1I) \/ (naw_S_£anu»tata ■ SC1P) \/ 
SS) \/ {naw_S_£am_Btata * SSTOP) \/ 
SCS))) in 


(ALTER 

992 

(3) 

{ (naw_S_f am^atata * SS) \/ (naw_S_f am^atata * SSTOP) \/ 
(naw_S_£anuatata * SCS) \/ <naw_S_f an_atata * SN) \/ 
(naw_S_£ am_atata * SO) ) ) in 
lat S_atata * (aa3, aa3) in 

lat Raaat_cport * (a_fam_arcp, a_f am_ 0 rcp) in 
lat Diaabla_int « 

( (~naw_S_inatart /\ 

{-a_£ 0 m_an \/ - (ELEMENT a_dalay_out (6))) /\ 

9_t •m_adi) , 

(-naw_S_inatart /\ 

( -a_£an\_an \/ -(ELEMENT a_dalay_out (6))) /\ 
a_£am^adi)) in 

lat Raaat_piu * (a_£am t _arp, a_£ao_arp) in 
lat Raaat_cpuO ■ (S_raaat_cpuO , naw_S_raaat_cpuO ) in 
lat Raaat__cpul * (S_ra»at_cpul, naw_S_raaat_cpul) in 
lat Cpu_biat * (S_cpu_biat, naw_S_cpu _J>iat) in 
lat Piu_fail * (S_piu_£ail, naw_S_piu_f ail) in 
lat Cpu0_£all » (S_cpu0_f ail, naw_S_cpuO_fail) in 
lat Cpul_fall * (S_cpul_£ail, naw_S_cpul_£ ail) in 
lat Pnm u _fail « (S_pn*n_£*il/ naw_S_pmm_f ail ) in 


) 11 


(SCOut S_atata Raaat_cport Diaabla_int Raaat plu Raaat_cpuO Raaat_cpul 
Cpu_biat Piu_fail CpuO_£ail Cpul_fail Pmm_£ail)" 


lat SCloc)cOF_REW ■ aava_tha 
( * SCloc)cOF_RRW ' , 

( REWRITE _RULE [ASal; BSal; RSTN] SC_OF) 

);; 

lat SC_Exac * naw_daf inition 
( • SC_Bxac ' , 

"! (aci : SCI ) (a i timaC->a_atata) (a : timaC->a_anv) (p : timaC->a_out) 
(t ttlxnaC) 

SC_Kxac aci a a p t « T" 

); ; 

lat SC_PraC = naw_da£ inition 
( ' sc_PraC ' , 

** ! (aci t SCI ) (a : timaC->a_atata) (a : timaC->a_anv) (p j timaC->a_out ) 
(t JtimaC) . 

SC_PraC aci a a p t * T" 

);/ 
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l#t SC_PoatC ■ naw_daf inition 
( ' SC_PoatC ' , 

"l (aci :SCI) (a : timaC->a_atata) (• : timaC->a_anv) (p * timaC->a_out ) 
(t : t imaC ) . 

SC_PoatC ici i • p t * 

(a (t+1) * SC_NSF (a t> (a t)) /\ 

(p t * SC_OF (at) (at))" 

);/ 

l#t SC_Corract * naw_daf inition 
( 'SC_Corract ' , 

"l (aci iSCI) (a * timaC->a_atata) {• t timaC->a_anv) (p : timaC->a_out ) 
(t :timaC) . 

SC_Corract aci a • p t * 

SC_Rxac aci a apt /\ 

SC_PraC aci a • p t 
•*> 

SC_PoatC aci a • p t" 

) i i 

lat SCSat_Corract » naw_daf inition 
( ' SCSat_Corract ' , 

** i ( m :timaC->a_atata) (• : timaC->a_anv) (p t tiaaC->a_out ) . 

SCSat_Corract a a p * 1 (aci* SCI) (t*timaC) . SC_Corract aci a a p t 

) ; / 

cloaa_thaory { ) ; / 
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4 PIU Requirements Specification 

This section contains the HOL listings for major portions of the PIU requirements specification. Spe- 
cifically, it contains most of the definition for the PIU behavior associated with memory accesses initiated 
by the local processor. 

Subsection 4.1 contains the transaction-level specification for the PIU’s handling of local-processor-ini- 
tiated memory accesses. It contains two theories — piutaux_def defines PlU-level data structures and 
piutransp_def defines the PIU behavior itself. 

Subsections 4.2-4.5 contain the transaction-level specifications for the P-Port, M-Port, C-Port, and R- 
Port, respectively. Each subsection contains two theories, defining the port-level data structures and the 
specifications themselves. Subsections 4.2 and 4.3 contain the abstraction predicates for the P-Port and M- 
Port, respectively. 

4.1 PIU Transaction-Level Specification 

This section contains the theories piutauxpjdef and piutransp_def, defining the PIU transaction-level 
data structures and interpreter. 


Fila: piutaujcp_daf.ini 

Author t { c) D.A. Fura 1992-93 

Data: 2 March 1993 

This fila contains typaa and dafinitions for tha transact ion- lava 1 
spacif ication of tha PIU P-Procass. 


sat_saarch_path (saarch_path( ) 0 [ ' /homa/alvis6/dfura/f tap/piu/hol/llb/ ' / 

' /homa/alvis6/dfura/hol/Library/tools/ ' / 
]);; 


sat_flag ('timing', trua);/ 
systam ' rm piutauxp_daf . th * / ; 
new_thaory 'piutauxp_daf ' ; / 

map naw_parant [ 'wordn_daf ' j ' array_daf ' ; ' inaq ' ; 'piuaux_daf ' ) ; / 

naw_typa_abbr av ( ' wordn ' , m x num- >bool " ) ; ; 
naw_typa_abbrav { 'wordnn • , " i num- > wordn" ) / ; 

% 

Abstract data typa for tha PIU P-Procass instruction opcodas. 


lat PI * 

dafina_typa 'PI' 

'PI = PWritaLM | PRaadLM I PWritaPIU I PRaadPIU | PWritaCB 
PRaadCB ' ; ; 


% 

Abstract data typa for tha PIU transaction opcodas. 


% P-Bus Mas tar Opcodas % 


% 


■% 


% 
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lat pbmop ■ 

da f in*_typ* ' pbmop ' 

'pbmop = PBM_Writ«LM I PBM_Writ«PID I PBM_Writ«CB I PBM_R«adLM I 
PBM_R»adPIO | PBM_R*adCB I PBM_Ill«gal ' ; 1 

% P-Bua Slav* Opcodas % 
lat pb»op = 

d#fina_typa 'pbaop' 

'pbaop = PBS_R*ady j PBS_Ill*gal ' ; ; 

% M-Bua Maatar Opcodaa % 
let mbmop *= 

da f in*_typ* ' mbmop 1 

'mbmop - MBM_WritaLM I MBM_RaadLM I MBM_Idla | MBM_Ill«oal ' ; ; 

% M-Bua Slava Opcoda* % 
lat mbs op = 

d*fina_typ* 'mbsop' 

'mb a op * MBS_Raady t MBS_Ill*gal ' / ; 

% C-Bus Maatar Opcoda a % 
lat cbmop * 

da f in*_typa ' cbmop ' 

# cbmop * CBM_Writ*CB I CBM_R*adCB I CBM_Idla I CBM_Ill*gal ' / / 

% C-Bus Slava Opcodaa % 
lat cbsop = 

dafina_typa 'cbsop' 

' cbaop ■ CBS_Raady I CBS_Ill*gal ' ; ; 

% I -Bus Slava Opcodaa % 
let ibsop * 

daf in*_typ* ' lbs op ' 

' ibaop ■ IBS_Raady I IBS_Idla | IBS_Ill*gal ' / / 

% I -Bub Arbitration-Maatar Opcodaa % 
lat ibamop * 

daf in*_typ* ' Ibamop ' 

' ibamop * IBAM_ProcP I IBAM_ProcP I IBAM_Ill*gal ' ; ; 

% I-Bua Arbit rat ion-S lava Opcodaa % 
lat ibasop = 

daf ina_typa ' ibaaop ' 

' ibaaop - IBAS_Raady I IBAS_Ill*gal ' / / 

% Bnvironmant-Raaat Maatar Opcodaa % 
lat arroop * 

daf in*_typ* ' arroop ' 

'armop = BRM_NoR*a*t I BRM_Ill*gal ' ; j 

% Intaraal-Rasat Maatar Opcodaa % 
lat rmop « 

daf ina_typa 'rmop' 

'rmop = RM_NoRaaat 1 RM_Illagal ' ; ; 


% 

Abstract data typa for tha mamory accaaa targat . 


% 


lat targ_Axiom = 

daf ine_typ* 'targ_Axiom' 

'targ * LM I PIU I CB'j; 


% 

Abstract data typa for tha atata. 


■% 


lat piut_atata * 

daf lna_typa 'piut_atata' 

'piut_atata ■ PIUTStata wordn wordn wordn wordn wordn wordn wordn 

wordn wordn wordn wordn wordn afanutY'ff 
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lat RT_icrS * naw_racursiva_daf ini t ion 
falsa 

piut_stata 

'R^lcrS' 

"R^ierS (PIUTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 

RT_ctr2_in RT_ctr3_±n RT_ctrO RT_ctrl RT_ctr2 RT_ctr3 
ST_f sm^stata) 

■ RT_icr" ; ; 

lat RT ctctS ■ naw_racursiva_daf inition 
falsa 

piut_stata 
# RT_gcrS ' 

"RT_gcrS (PIUTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 

RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3 
ST_f sm_stata) 

■ RT_gcr"/ ; 

lat RT_ccrS * naw_racursiva_daf inition 

falsa 

piut_stata 
# RT_ccrS ' 

"RT_ccrS {PIUTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 

RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT__ctr2 RT_ctr3 
ST_fsia_stata) 

* RT_ccr" ; / 

lat RT_srS * naw_racursiva_daf inition 
falsa 

piut_stata 
' RT_srS ' 

"RT_arS {PIUTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 

RT_ctr2_ln RT_ctr3_in RT_ctrO RT_ctrl RT__ctr2 RT_ctr3 
ST_f sm^stats ) 

* RT_s T” t i 

lat RT_ctrO_inS * naw_racursiva_daf inition 
falsa 

piut_stata 
' RT_ctrO_inS * 

"RT_ctrO_inS {PIUTStata RT_icr RT_gcr RT_ccr RT__sr RT_ctrO_in RT_ctrl_in 
RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3 
ST_f sm^stata) 

= RT_ctrO_in" / ; 

lat RT_ctrl_inS * naw__racur*iva_daf inition 

falsa 

piut_stata 

'RT_ctrl_inS' 

"RT_ctrl__inS (PIUTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 
RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3 
ST_f sm_*tata) 

* RT_ctrl_in*; ; 

lat RT_ctr2_inS * naw_racursiva_daf inition 
falsa 

piut_stata 
'RT_ctr2_inS J 

"RT_ctr2_inS (PIUTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 
RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3 
ST_f sm_stata) 

* RT_ctr2_in w ; ; 


lat RT_ctr3_inS * naw_rac\irsiva_daf inition 
falsa 

piut_stata 
# RT_ctr3_infl • 

# 'RT_ctr3_inS (PIUTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 
RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3 
ST_fsit_*tata) 

* RT_ctr3_in w j ; 
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l«t RT_ctrOS * naw_racursiva_da£ ini t ion 
fall* 

piut_stata 

'RT_ctrOS' 

"RT_ctrOS (PIUTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 

RT_ctr2_in RT_ctr3_ln RT_ctrO RT_ctrl RT_ctr2 RT_ctr3 
ST_f sm_stata) 

* RT_ctrO w ; ? 

lat RT_ctrlS * naw_racursiva_daf inition 
falsa 

piut_stata 
'RT_ctrlS ' 

"RT — ctrlS (PIUTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 

RT_ctr2_in RT_ctr3_in RT.ctrO RT_ctrl RT_ctr2 RT_ctr3 
ST_f sm_stata) 

* RT_ctrl w ; / 

lat RT_ctr2S = naw_racursiva_daf init ion 
falsa 

piut_stata 

'RT_ctr2S' 

"RT_ctr2S (PIUTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 

RT_ctr2_in RT_ctr3_ln RT_ctrO RT_ctrl RT_ctr2 RT_ctr3 
ST_f sm_stata) 

= RT_ctr2 " / ) 

lat RT_ctr3S - naw_racursiva_daf ini t ion 

falsa 

piut_stata 

'RT_ctr3S' 

"RT_ctr3S (PIUTStata RT_icr RT_gcr RT_ccr RT_»r RT_ctrO_in RT_ctrl_in 

RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3 
ST_fsm_»tata) 

■ RT_ctr3"; ; 

lat ST_f sm^stataS * naw_ra curs iva_daf ini t ion 

falsa 

piut_stata 
'ST_f sm^stataS' 

"ST_fsm_s tat aS (PIUTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 

RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 
RT_ctr3 ST_f sm_stata) 

= ST_f sm_*tata"; ; 
lat Stata_CASHS a 

prova casas_thzn (prova_i.nducti.on_tbxn pi.nt_stata ) j ; 

lat PIUTStata_Salactors_Work - prova_thm 
( 'PIUTStata_Salactors_Work' , 

" ! (s :piut_stata) . 

s * (PIUTStata (RT_lcrS s) (RT_gcrS s) (RT_ccrS s) (RT_srS s) (RT_ctrO_inS s) 
(RT_ctrl_inS s) (RT_ctr2_inS s) (RT_ctr3_inS a) (RT_ctrOS s) 
(RT_ctrlS s)(RT_ctr2S s) (RT_ctr3S s) (ST_f am^atataS a))", 

QBN_TAC 

THEN STRUCT_CASKS_TAC ( SPKC "s :piut_stata" Stata_CASBS) 

THEN RBWRITB_TAC [RT_icrS; RT_gcrS;RT_ccrS; RT_srS;RT_ctrO_inS;RT_ctrl_inS; 

RT_c tr2_inS ; RT_ctr 3_±nS } RT_ct rOS ; RT_ct rlS ; RT_ctr2S ; RT_ctr 3 S ; 
ST_f sm_stat as ] 

);; 


% 

Abstract data typa for tha anvironmant . 


■% 


lat piut_anv * 

dsf ina_typa 'piut_anv' 

'piut_anv - PIUTBnv pbroop wordn wordnn wordn wordnn bool 
mbsop wordnn 
cbsop wordnn 
armop ' ; ; 
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lat PB_Opcoda_inB ■ naw_racursiva_daf ini t ion 
ftlst 
piut_anv 
' PB_Opcoda_inB ' 

"PB_Opcoda_inE (PIUTBnv PB_Opcoda_in PB_Addr_in PB_Data_in PB_BS_in 

PB_BB_in PB_Lock_in MB_Opcoda_in MB_Data_in 
CB_Opcoda_in CB_Data_in BRM_Rasat_in) 

* PB_Opcoda_in" ; / 

lat PB_Addr _ inH * naw_r a cur siva_daf inition 
falsa 
piut_anv 
' PB_Addr_inE 1 

u P B_Addr _ 1 nE (PIUTBnv PB_Opcoda_in PB_Addr_ln PB_Data_in PB_BS_in 

PB_BB_ln PB_Lock_in MB_Opcods_in MB_Data_in 
CB_Opcoda_in CB_Data_in BRM_Rasat_in) 

« PB_Addr_in" ; / 

lat PB_Data_inB ■ naw_racursiva_daf inition 
falsa 
piut_anv 
' PB_Data_inB * 

"PB_Data_inE (PIUTBnv PB_Opcoda_in PB_Addr_in PB_Data_in PB_BS_in 

PB_BB_in PB_Lock_in HB_Opcoda_in MB_Data_in 
CB_Opcoda_in CB_Data_in BRM_Rasat_in) 

« PB_Data_in"; / 

lat PB_BS_inB » naw_racursiva_daf inition 
falsa 
piut_anv 
' PB_BS_inB ' 

*PB_BS_inE (PIUTBnv PB_Opcoda_in PB_Addr_in PB_Data_in PB_BS_in 

PB_BB_in PB_Lock_in MB_Opcoda_in MB_Data_in 
CB_Opcoda_in CB_Data_in BRM_Rasat_in) 

■ PB_BS_in* r ; ; 

lat PB_BB_inB ■ naw_racursiva_dsf inition 

falsa 

piut_anv 
' PB_BK_inB ' 

*PB_BB_inB (PIUTBnv PB_Opcoda_in PB_Addr_in PB_Data_in PB_BS_in 

PB_BB_in PB_Lock_in MB_Opeoda_in HB_Data_in 
CB_Opcoda_in CB_Data_in BRM_Rasst_in) 

- PB_BB_in" ; ; 

lat PB_Lock_inB ■ naw_racursiva_daf inition 
falsa 
piut_anv 
' PB_Lock_inB • 

< 'PB_Lock_inE (PIUTBnv PB_Opcoda_in PB _Addr_in PB_Data_in PB_BS_in 

PB_BB_in PB_Lock_in HB_Opcoda_in MB_Data_in 
CB_Opcoda_in CB_Data_in BRM_Rasat_in) 

■ FB_Lock_in"' j ; 

lat MB_Opcoda_inB * naw_racur»iva_daf inition 
falsa 
piut_anv 
' MB_Opcoda_inB • 

"MB__0pcoda_inB (PIUTBnv PB_Opcoda_in PB_Addr_in PB_Data_in PB_BS_in 

PB_BB_in PB_Lock_in MB_Opcoda_in MB_Data_in 
CB_Opcoda_in CB_Data_in BRM_Rasat_in) 

m MB_Opcoda_in w ; / 

lat MB_Data_inB * naw_racurslva_daf inition 
falsa 
piut_anv 
, MB_Data_inB / 

*MB_Data_inB (PIUTBnv PB_Opcods_in PB_Addr_in PB_Data_in PB_BS_in 

PB_BB_in PB_Lock_in MB_Opcoda_in MB_Data_in 
CB_Opc oda_ in CB_Data_in BRM_Rasat_in) 

a MB_Data_in" ; ; 
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let CB_Opcode_inB = new_recursive_def ini t ion 
f alee 
plut_env 
' CB_Opcods_inE * 

"CB_Opcode_inB ( PIUTBnv PB_Opcode_in PB_Addr_in PB_Data_in PB_BS_in 

PB_B3_in PB_Lock_in MB_Opcode_in MB_Data_in 
CB_Opcode_in CB_Data_in BRM_Reset_in) 

= CB_Opcode_in" ; ; 

let CB_Data_inB * new_recursive_def ini t ion 
false 
piut_env 
'CB_Data_inE ' 

"CB_Data_inE (PIUTBnv PB_Opcode_in PB_Addr_in PB_Data_in PB_BS_in 

PB_BK_in PB_Lock_in MB_Opcode_in MB_Data_in 
CB_Opcode_in CB_Data_in BRM_Resst_in) 

« CB_Data_in"; ; 

let BRM_Reset_±nE * new_recursive_def inition 
false 
piut_env 
' BRM_Reset_lnE ' 

"BRM_Reset_inE (PIUTBnv PB_Opcods_in PB_Xddr_in PB_Data_in PB_BS_in 

PB_BK_in PB_Lock_in MB_Opcode_in MB_Data_in 
CB_Op c ode_ln CB_Data_in BRM__Reset_in) 

* ERM_Reset_in"; / 
let Bnv_CASBS = 

prove_cases_thm (prove_induction_thm piut_env) ; ; 

let PTEnv_Selectors_Work * prove_thm 
( 'PTBnv_Selectors_Work * , 

" ! (e *piut_env) 

e * (PXUTBnv ( PB_Opcode_inB e) {PB_Addr_inK e) (PB_Data_inB e) 

(PB_BS_inB e) (PB_BB_inE e) ( PB_Lock_inE e) (MB_Opcode_inE e) 
(MB_Data_lnB e) ( CB_Opcode_inK e) (CB_Data_lnB e) 
(BRM_Reset_inB e))", 

OBN_TXC 

THEN STRUCT_CASBS_TAC (SPBC "e : piut_env" Env_CASES) 

then REWRITB_TAC tPB_Opcods_inB ; PB_Addr_inB; PB_Data_lnB; 

PB_BS_inB; PB_BK_inB; PB_Lock_inB ; MB_Opcode_inB ; 
MB_Data_inB; CB_Opcode_inB; CB_Data_lnBj BRM_Reset_inB] 

> 1 ; 


% 

Abstract data type for the output . 


let plut_out * 

def ine_type ' piut_out * 

'piut_out * PIUTOut pbsop wordnn 

mbmop wordnn wordnn wordn 

cbmop wordn wordnn wordn wordnn ' ; ; 

let PB_Opcode_outO = new_recursive_def inition 
false 
piut_out 
' PB_Opcode_outO * 

"PB_Opcode_outO {PIUTOut PB_Opcods_out PB_Data_out MB_Opcode_out 

HB_Xddr_out MB_Data„out MB_BS_out CB_Opcode_out 
CB_Addr_out CB_Data_out CB_BS_out CB_BB_out ) 

m PB_Opcode_out * ; ; 

let PB_Data_outO * new_re cur sive_def inition 
false 
piut_out 
' FB_Data_outO ' 

*PB_Data_outO (PIUTOut PB_Opcods_out PB_Data_out MB_Opcode_out 

MB_Xddr__out MB_Data_out MB_BS_out CB_Opcods_out 
CB_Addr_out CB_Data_out CB_BS_out CB_BK_out ) 

* PB_Data_out" j } 



let MB_Opcode__outO = new_racursiva_def initlon 
falsa 
piut_out 
'MB_Opcode_outO ' 

"MB_Opcode_outO (PIUTOut PB_Opcoda_out PB_Data_out MB_Opcods_out 

MB_Addr_out MB_Data_out MB_BS_out CB_Opcode_out 
CB_Addr_out CB_Data_out CB_BS_out CB_BB_out ) 

* MB_Opcode_out #r ; / 

let MB_Addr_outO = new_recursive_def initlon 
false 
piut_out 
' MB_Addr_ou 1 0 ' 

"MB_Addr _ou 1 0 (PIUTOut PB_Opcode_out PB_Data_out MB_Opc ode_ou t 

MB_Addr_out MB_Data_out MB_BS_out CB_Opcode_ou t 
CB_Addr_out CB_Data_out CB_BS_out CB_BB_out ) 

= MB_Addr_out " ; ; 

let MB_Data_outO * new_recursive_def initlon 
false 
plut_out 
'MB_Data_outO ' 

"MB_Data_outO (PIUTOut PB_Opcode_out PB__Data_out MB_Opcode_out 

MB _Addr_out MB_Data_out MB_BS_out CB_Opcode_out 
CB_Addr_out CB_Data_out CB_BS_out CB_BB_out ) 

* MB_Data_out"; ; 

let MB_BS_outO * new_recurslve_def Initlon 
false 
piut_out 
# MB_BS_outO ' 

"MB_BS_outO (PIUTOut PB_Opcode_out PB_Data_out MB_Opcoda_out 

MB_Addr_out MB_Data_out HB_BS_out CB_Opcode_out 
CB_Addr_out CB_Data_out CB_BS_out CB_BB_out) 

. MB_BS_out " ; ; 

let CB_Opcode_outO * new_recursive_def initlon 
false 
piut_out 
J CB_Opc ode_ou t 0 ' 

"CB_Opcode_outO (PIUTOut PB„Opcode_out PB_Data_out MB_Opcode_out 

MB_Addr_out MB_Data_out MB_BS_out CB_Opcode_out 
CB_Addr_out CB_Data_out CB_BS_out CB__BE_out ) 

* CB_Opcods_out "/ ; 

let CB_Addr_outO * new_recursive_def initlon 
false 
piut_out 
'CB_Addr_outO' 

"CB_Addr_ou t O (PIUTOut PB_Opcode_out PB_Data_out MB_Opcode_out 

MB_ Addr _ou t MB_Data_out MB_BS_out CB_Opcode_ou t 
CB_Addr_out CB_Data_out CB_BS_out CB_BB_out) 

* CB_Addr_out ” ; / 

let CB_Data_outO « new_recursive_def initlon 
false 
piut_out 
'CB_Data_outO ' 

"CB_Data_outO (PIUTOut PB_Opcode_out PB_Data_out MB_Opcode_out 

MB_Addr_out MB_Data_out MB_BS_out CB_Opcod«_out 
CB_Addr_out CB_Data_out CB_BS_out CB_BB_out ) 

■ CB__Dat a_out * ; ; 

let CB_BS_outO * new_re curs ive_def initlon 
false 
piut_out 
' CB_BS_outO ' 

*CB_BS_outO (PIUTOut PB_Opcode_out PB_Dat a_out MB_Opcode_out 

MB_Addr_out HB_Data_out MB_BS_out CB_Opcode_out 
CB_Addr _ou t CB_Data_out CB_BS_out CB_BB_out ) 

» CB_BS_out"/; 
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let CB_BE_outO = new_recursive_def inition 
false 
piut_out 
' CB_BE_outO ' 

"CB_BB_outO (PIUTOut PB_Opcode_out PB_Data_out MB_Opcode_out 

MB_Addr_out MB_Data_out MB_BS_out CB_Opcode_out 
CB_Addr_out CB_Data_out CB_BS_out CB_BE_out ) 

* CB_B3_out " 7 ; 
let Out _C ASKS = 

prove_cases_thm (prove_induction_thm piut_out ) ; ; 

let PTOut_Selectors_Work = prove_thm 
( ' PTOut_Selectors_Work ' , 

" ! <p tpiut_out) . 

p = (PIUTOut ( PB_Opcode_outO p) ( PB_Data_outO p) (MB_Opcode_outO p) 

( MB_Addr_outO p) (MB_Data_outO p) (MB_BS_outO p) 

( CB_Opcode_outO p) (CB_Addr_outO p) (CB_Data_outO p) 
(CB_BS_outO p) (CB_BB_outO p))", 

QEN_TAC 

THEN STRUCT_CASBS_TAC (SPEC "p:piut_out" Out_CASES) 

THEN RBWRITB_TAC [PB_Opcode_outO; PB_Data_outO; MB_Opcode_outO; 

MB_Addr_outO; MB_Data_outO/ MB_BS_OUt0; CB_Opcode_OUtO? 
CB_Addr_outO 7 CB_Data_outO; CB_BS_outO; CB_BE_outO] 


% 

Memory Target Predicates . 


% 


let CBusAddrP » new_def inition 
( ' CBusAddrP ' , 

"! (a twordn) . CBusAddrP a - ELEMENT a (29) " 

) Ji 

let PRegAddrP - new_def inition 
( ' PRegAddrP ' , 

"1 (a twordn) . 

FRagAddrP a - - (ELEMENT a (29)) /\ (SUBARRAY a (23,22) « WORM! 1 3)' 

) i ; 

let LMemAddrP = new_.de f inition 
( ' LMemAddrP ' , 

" ! (a twordn) . 

LMamAddrP a = - ( ELEMENT a (29)) /\ -(SUBARRAY a (23,22) - WORDN 1 3)” 

) i > 

let RegOP * new_def inition 
( 'RegOP ' , 

«! (a iwordn) . RagOP a « PRagAddrP a /\ (SUBARRAY a (3,0) - WORDN 3 0)» 

) ; ) 

let ReglP * new_def inition 
( 'ReglP ' , 

-1 (a twordn) . ReglP a * PRegAddrP a /\ (SUBARRAY a (3,0) = WORDN 3 1)" 

) ; ; 

let Reg2P * new_def inition 
( 'Reg2P ' , 

-j (a twordn) . Reg2P a « PRegAddrP a /\ (SUBARRAY a (3,0) « WORDN 3 2)" 
)/? 

let Reg3P = new_def inition 
( ' Reg3P ' , 

-! (a twordn) . Reg3P a * PRegAddrP a /\ (SUBARRAY a (3,0) = WORDN 3 3)- 
) ;/ 

let Reg4P ■ new_def inition 
( ' Reg4P ' , 

-1 (a twordn) . Reg4P a - PRegAddrP a /\ (SUBARRAY a (3,0) « WORDN 34)" 

);; 
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lat Rag5P « naw_daf inition 
( 'RagSP ' , 

*1 (a iwordn) . Rag5P a * PRagAddrP a A (SUBARRAY a (3,0) = WORDN 35)" 

) ; / 

lat RagfiF * naw_daf inition 
( 'RagSP ' , 

"I (a iwordn) . Rag6P a * PRagAddrP a /\ (SUBARRAY a (3,0) » WORDN 3 6)" 
)/; 

lat Rag7P ■ naw_daf inition 
( 'Rag7P ' , 

u l (a iwordn) . Rag7P a « PRagAddrP a /\ (SUBARRAY a (3,0) * WORDN 3 7)" 

);/ 

lat Rag8P ■ naw_daf inition 
( ' Rag8P * , 

"I (a iwordn) . Rag8P a * PRagAddrP a A {SUBARRAY a (3,0) » WORDN 38)" 
);/ 

lat Rag9P « naw_daf inition 
( 'Rag9P ' , 

"! (a iwordn) . Rag9P a » PRagAddrP a /\ (SUBARRAY a (3,0) * WORDN 39)" 
);/ 

lat RaglOP - naw_daf inition 
( 'RaglOP ' , 

M ! (a iwordn) . RaglOP a » PRagAddrP a A (SUBARRAY a (3,0) * WORDN 3 10)" 
)/; 

lat RagllP « naw_da£ inition 
( 'RagllP ' , 

"1 (a iwordn) . RagllP a - PRagAddrP a A (SUBARRAY a (3,0) » WORDN 3 11)" 

);/ 

lat Ragl2P ■ naw_daf inition 
( 'RagllP ' , 

"! (a iwordn) . RagllP a * PRagAddrP a A (SUBARRAY a (3,0) » WORDN 3 12)" 
)// 

lat Ragl3P ■ naw.daf inition 
( 'Ragl3P ' , 

(a iwordn) . Ragl3P a * PRagAddrP a A (SUBARRAY a (3,0) « WORDN 3 13)" 

);/ 

lat Ragl4P * naw_daf inition 
( ' Ragl4P ' , 

(a iwordn) . Ragl4P a e PRagAddrP a /\ (SUBARRAY a (3,0) - WORDN 3 14)" 

);; 

lat Ragl5P « naw_da£ inition 
( ' Ragl5P ' , 

"! (a iwordn) . RaglSP a * PRagAddrP a A (SUBARRAY a (3,0) » WORDN 3 15)" 
)/; 

closa_thaory ( ) ; ; 


Filat piutransp_daf.ini 

Author: (c) D . A* Fur a 1992-93 

Datai 2 March 1993 

Thia ffila contains tha transact ion -lava 1 bahavioral spacif ication for tha 
P-Procasa for tha PTHP PIU, an ASIC davalopad by tha Smbaddad Procaaaing 
Laboratory, Boaing High Tachnology Cantar. Tha P-Procaaa dafinas mamory 
accaaa transactions initiatad by tha local PMM procassor. 
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a«t_aaarch_path (aaarch_path( ) » [ ' /homa/alvia6/dfura/f tep/piu/hol/piu/pproc/ ' / 

' /homa/alvia6/dfura/f tap/piu/hol/lib/ ' / 

' /homa/alvia6/dfura/hol/Library/aba_thaory/ ' ; 

' I horoa /alvia 6 /dfura/ hoi /Library /tool#/ ' 

])?; 

aat_f lag ('timing', tm •);; 
ayatam 'rm piutranap_daf . th' ; ; 
naw_thaory 'piutranap_daf ' ; ; 
loadf ' aba_thaory ' ; ; 

map naw_parant [ 'piuaux_daf ' ; 'piutauxp.daf ' / 'wordn_da£ ' ; 'array_daf ' 7 ' inaq' ] ; / 
naw_typa_abbrav ( ' timaT ' , " : nua" ) ; 7 

lat REP_ty = aba_typa_inf o (thaoram 'piuaux_daf ' 'REP');; 

% 

Naxt-atata function dafinitiona for PIU P-Procaaa. 


lat PStable_Stata_NSF » naw_daf inition 
( 'PStabla_Stata_NSF ' , 

"! (a *piut_atata) (a xpiut_anv) . 

PStabla_Stata_NSF a a ■ 

lat naw_RT_icr « RT_icrS a in 

lat naw_RT_gcr « RT_gcrS a in 

lat naw_RT_ccr ■ RT_ccrS a in 

lat naw_RT_ar * (ARBN: wordn) in 

lat naw_RT_ctrO_in • RT_ctrO_inS a in 

lat naw_RT_ctrl_in » RT_ctrl_inS a in 

lat naw_RT_ctr2_in ■ RT_ctr2_inS a in 

lat naw_RT_ctr3_in * RT_ctr3_inS a in 

lat naw_RT__ctrO * RT_ctrOS a in 

lat naw_RT_ctrl ■ RT_ctrlS a in 

lat naw_RT_ctr2 ■ RT_ctr2S a in 

lat naw_RT_ctr3 * RT_ctr3S a in 

lat naw_ST_fam_atata * ST_f am_a tat aS a in 

(PlUTStata naw_RT_icr naw_RT_gcr naw_RT_ccr naw_RT_ar naw_RT_ctrO_in 
naw_RT_ctrl_in naw_RT_ctr2_in naw_RT_ctr3_in naw_RT_ctrO 
naw_RT_ctrl naw_RT_ctr2 naw_RT_ctr3 naw_ST_f am^atata) " 


lat PWr i t a_P IU_NSF * naw_daf inition 
( ' PWr ita_PIU_NSF ' , 

-1 (a ipiut_atata) (a ipiut_anv) . 

PWr i t a_P IU_NSF a a - 

lat RT_icr ■ RT_icrS a and 

RT_gcr ■ RT_gcrS a and 

RT_ccr * RT_ccrS a and 

RT_ctrO_in * RT_ctrO_inS a and 
RT_ctrl_in ■ RT_ctrl_inS a and 
RT_ctr2_in * RT_ctr2_inS a and 
RT_ctr3_in - RT_ctr3_inS a and 
RT_ctrO * RT_ctrOS a and 

RT_ctrl - RT_ctrlS a and 

RT_ctr2 ■ RT_ctr2S a and 

RT_ctr3 * RT_ctr3S a in 

lat PB_Addr_in * PB_Addr_inB a and 
PB_Data_in - PB_Data_inB a and 
PB_BS_in * PB_BS_inE a and 
PB_BB_in ■ PB_BE_inB a in 
lat naw_RT_icr « 

( ( (RagOP PB_Addr_in) /\ (VAL 1 PB_BS_in -0)) «> 

( ANDK 31 (ELEMENT PB_Data_in (0)) RT_icr) I 
( (Ragl5P PB_Addr_in) t\ (VAL 1 PB_BS_in « 1) ) «> 

( ANDN 31 (ELEMENT PB_Data_in (1)) RT_icr) I 
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( (Ragl4P PB_Addr_in) /\ (VAL 1 PB_BS_in * 2)) »> 

{ANDN 31 (BLBKBNT PB_Data_in (2)) RT_icr) I 
( (RaglSP PB_Addr_in) /\ (VAL 1 PB_BS_in » 3)) *> 

(ANDN 31 (BLBKBNT PB_Data_in (3)) RT_icr) I 
(RaglP PB_Addr_in) »> 

(ORN 31 (BLBMBNT PB_Data_in (0)) RT_icr) I 
( (Rag OP PB_Addr_in) A (VAL 1 PB_BS_in >* 1)) «> 

(ANDN 31 (BLBMBNT PB_Data_in (1)) 

(ORN 31 (BLBMBNT PB_Data_in (0)) RT_icr) ) | 

((RaglSP PB_Addr_in) /\ (VAL 1 PB_BS_in >= 2)) *> 

(ANDN 31 (BLBMBNT PB_Data_in (2)) 

(ORN 31 (BLBMBNT PB_Data_in (1)) RT_icr) ) I 
( (Ragl4P PB_Addr_in) /\ (VAL 1 PB_BS_in >« 3)) =*> 

(ANDN 31 (BLBMBNT PB_Data_in (3)) 

(ORN 31 (BLBMBNT PB_Data_in (2)> RT_icr) ) | RT_icr) in 

lat naw_RT_gcr * 

( (Rag2P PB_Addr_in) ■> BLBMBNT PB_Data_in (0) | 

(Rag IP PB_Addr_in /\ 

(VAL 1 PB_BS_in >* 1)) ■> BLBMBNT PB_Data_in (1) I 
(RagOP PB_Addr_in /\ 

(VAL 1 PB_BS_in >« 2)) *> BLBMBNT PB_Data_in (2) | 

(RaglSP PB_Addr_in A 

(VAL 1 PB_BS_in >* 3)) «> BLBMBNT PB_Data_in (3) | RT _gcr) in 

lat naw_RT_ccr * 

( (Rag3P PB_Addr_in) *> BLBMBNT PB_Data_in (0) | 

( Rag2 P PB_Addr_in /\ 

(VAL 1 PB_BS_in >« 1)) *> BLBMBNT PB_Data_in (1) | 

(RaglP PB_Addr_in /\ 

(VAL 1 PB_BS_in >= 2)) *> BLBMBNT PB_Data_in £2) I 
(RagOP PB_Addr_in /\ 

(VAL 1 PB_BS_in >« 3)) *> BLBMBNT PB_Data_in (3) [ RT_ccr) in 

lat naw_RT_»r ■ ( ARBN : wordn ) in 
lat naw_RT_ctrO_in * 

((RagSP PB_Addr_in) •> BLBMBNT PB_Data_in (OJ | 

(Rag7P PB_Addr_in A 

(VAL 1 PB_BS_in >- 1)) «> BLBMBNT PB_Data_in (1) I 
(Rag6P PB_Addr_in /\ 

(VAL 1 PB_BS_in >* 2)) «> ELEMENT PB_Data_in (2) | 

(RagSP PB_Addr_in /\ 

(VAL 1 PB_BS_in >- 3)) «> BLBMBNT PB_Data_in (3) i RT_ctr0_in) in 
lat naw_RT_ctrl_in * 

( (Rag9P PB_Addr_in) *> ELEMENT PB_Data_in (0) | 

(RagSP PB_Addr_in /\ 

(VAL 1 PB_BS_in >* 1)) *> BLBMBNT PB_Data_in (1) | 

(Rag7P PB_Addr_in /\ 

(VAL 1 PB_BS_in >* 2)) «> BLBMBNT PB_Data_in (2) | 

(RagSP PB_Addr_in /\ 

(VAL 1 PB_BS_in >» 3)) -> BLBMBNT PB_Data_in (3) | RT_ctrl_in) in 

lat naw_RT_ctr2_in * 

( (RaglOP PB_Addr_in) -> BLBMBNT PB_Data_in (0) | 

(Rag9P PB_Addr_in /\ 

(VAL 1 PB_BS__in >« 1)) «> BLBMBNT PB_Data_in (1) | 

(RagSP PB _Addr_in /\ 

(VAL 1 PB_BS_in >* 2)) -> BLBMBNT PB_Data_in (2) I 
(Rag7P PB _Addr_in /\ 

(VAL 1 PB_BS_in >- 3)) *> BLBMBNT PB_Data_in (3) | RT_ctr2_in) in 

lat naw_RT_ctr3_in * 

( (RagllP PB_Addr_in) »> BLBMBNT PB_Data_in (0) | 

(RaglOP PB_Addr_in /\ 

(VAL 1 PB_BS_in >■ 1)) -> BLBMBNT PB_Data_in (1) | 

(Rag9P PB_Addr_in /\ 

(VAL 1 PB_BS_in >- 2)) -> BLBMBNT PB_Data_in (2) | 

(RagSP PB_Addx_in /\ 

(VAL 1 PB_BS_in >- 3)) ■> BLBMBNT PB_Data_in (3) | RT_ctr3_in) in 

lat naw_RT_ctrO * 

( (Ragl2P PB_Addr_in) «> BLBMBNT PB_Data_in (0) | 

(RagllP PBJfcddr.in /\ 

(VAL 1 PB_BS_ln >« 1) ) «> BLBMBNT PB_Data_in (1) | 

(RaglOP PB_Addr_in /\ 

(VAL 1 PB_BS_in >* 2 ) ) «> BLBMBNT PB_Data_in (2) I 
(Rag9P PB_Addr_in /\ 

(VAL 1 FB_BS_in >* 3)) -> BLBMBNT PB_Data_in (3) | RT_ctrO) in 
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lat naw_RT_ctrl ■ 

((Ragl3P PB_Addr_in) -> ELEMENT PB_Data_in (0) I 
(Ragl2P PB_Addr_in /\ 

(VAL 1 PB_BS_in >= 1)) *> ELEMENT PB_Data_in (1) I 
(RagllP PB_Addr_in /\ 

(VAL 1 PB_BS_in >* 2)) ■> ELEMENT PB_Data_in (2) I 
(RaglOP PB_Addr_in /\ 

(VAL 1 PB_BS_in >- 3)) *> ELEMENT PB_Data_in (3) I RT_ctrl) in 
lat naw_RT_ctr2 * 

( (Ragl4P PB_Addr_in) => ELEMENT PB_Data_in (0) I 
(Ragl3P PB_Addr_in /\ 

(VAL 1 PB_BS_in >* 1}) «> ELEMENT PB_Data_in (1) I 
(Rag 12 P PB_Addr_in /\ 

(VAL 1 PB_BS_in >* 2}) *>BLEMBNT PB_Data_in (2) I 
(RagllP PB_Addr_in /\ 

(VAL 1 PB_BS_in >* 3)) *> ELEMENT PB_Data_in (3) I RT_ctr2) in 
lat naw_RT_ctr3 ■ 

( (Ragl5P PB_Addr_in) ■> ELEMENT PB_Data_in (0) I 
(Ragl4P PB_Addr_in /\ 

(VAL 1 PB_BS_in >« 1)) »> ELEMENT PB_Data_in (1) I 
(Ragl3P PB_Addr_in /\ 

(VAL 1 PB_BS_in >« 2)) *> ELEMENT PB_Data_in (2) 1 

(Ragl2P PB_Addr_in /\ 

(VAL 1 PB_BS_in >= 3)) *> ELEMENT PB_Data_in (3) | RT_ctr3) in 

lat naw_ST_f sm_stata * ST_f sm_stataS s in 

(PIUTStata naw_RT_icr nay RT acr naw_RT_ccr naw_RT_sr naw_RT_ctrO_in 
naw_RT_ctrl_in naw_RT„ctr2_in naw_RT_ctr3_in naw_RT_ctrO 
naw_RT_ctrl naw_RT_ctr2 naw_RT_ctr3 naw_ST_f am^atata) " 


output function dafinitions for tha PIU P-Procass instructions. 


lat PWritaLM_OF * naw_da£ inition 
( ' PWritaLM_OF ' , 

"1 (rap : A RBP_ty) (s :piut__stata) (a spiut_anv) . 

FWritaLM_OF rap s a = 

lat PB_Opcoda_out * PBS_Raady in 

lat PB_Data_out = (ARBN tnum->wordn) in 

lat MB_Opcoda_out * MBM_WritaLM in 

lat bs « VAL 1 (PB_BS_inB a) in 

lat aO = PB_Addr_in B a in 

lat a0_0 - ALTER ARBN (0) aO in 

lat al_0 * ALTER a0_0 (1) (bs > 0 => (INCN 18 aO) | ARBN) in 

lat a2_0 « ALTER al__0 (2) (bs > 1 *> (INCN 18 (INCN 18 aO) ) I ARBN) in 

lat a3_0 = ALTER a2_0 (3) (bs > 2 *> (INCN 18 (INCN 18 (INCN 18 aO) ) ) 

I ARBN) in 

lat MB_Addr_out * a3_0 in 

lat do « ELEMENT ( PB_Data_inB a) (0) in 

lat dl * ELEMENT (PB_Data_inB a) (1) in 

lat d2 * ELEMENT (PB_Data_inB a) (2) in 

lat d3 - ELEMENT (FB_Data_inE a) (3) in 

lat mO m Ham_Dac rap (ELEMENT (MB_Data_inE a) (0)) in 

lat ml * Ham_D«c rap (ELEMENT (MB_Data_inE a) <D) in 

lat m2 - Ham__Dac rap (ELEMENT (MB.Data.inE a) (2)) in 

lat m3 - Ha blDsc rap (ELEMENT (HB_Data_inE a) (3)) in 

lat baO - ELEMENT ( PB_BB_inE a) (0) in 

lat bal * ELEMENT ( PB_BB_inE a) (1) in 

lat ba2 * ELEMENT ( PB_BB_inE a) (2) in 

lat ba3 = ELEMENT ( PB_BB_inB a) (3) in 

lat oOO - ELEMENT baO (0) «> SUBARRAY dO (7,0) I SUBARRAY m0 (7,0) in 

lat oOl - ELEMENT baO (1) -> SUBARRAY dO (15,8) I SUBARRAY mO (15,8) in 

lat o02 • ELEMENT baO (2) «> SUBARRAY dO (23,16) I SUBARRAY mO (23,16) in 

lat o03 « ELEMENT baO (3) «> SUBARRAY dO (31,24) I SUBARRAY mO (31,24) in 

lat olO • ELEMENT bal (0) «> SUBARRAY dl (7,0) I SUBARRAY ml (7,0) in 

lat oil - ELEMENT bal (1) -> SUBARRAY dl (15,8) I SUBARRAY ml (15,8) in 

lat ol2 * ELEMENT bal (2) *> SUBARRAY dl (23,16} I SUBARRAY ml (23,16) in 

lat ol3 - ELEMENT bal (3) *> SUBARRAY dl (31,24) I SUBARRAY ml (31,24) in 
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1st o20 * KLBMBNT bs2 (0) »> SUBARRAY d 2 (7,0) | SUBARRAY m2 (7,0) in 

let ©21 - KLKMBNT bs2 (1) ■> SUBARRAY d2 (15,6) I SUBARRAY m2 (15,6) in 

1st o22 * KLKMBNT bs2 (2) «> SUBARRAY d2 (23,16) | SUBARRAY m2 (23,16) in 

1st o23 - KLKMBNT bs2 (3) ■> SUBARRAY d2 (31,24) I SUBARRAY m2 (31,24) in 

1st o30 * KLBMBNT b*3 (0) a> SUBARRAY d3 (7,0) | SUBARRAY m3 (7,0) in 

1st ©31 - KLBMBNT bs3 (1) -> SUBARRAY d3 (15,6) | SUBARRAY m3 (15,8) in 

1st o32 - KLBMBNT bs3 (2) -> SUBARRAY d3 (23,16) | SUBARRAY m3 (23,16) in 

1st o33 a KLBMBNT bs3 (3) ■> SUBARRAY d3 (31,24) I SUBARRAY m3 (31,24) in 

1st dOO - MALTBR ARBN (7,0) oOO in 

Imt dOl « MALTBR dOO (15,8) oOl in 

1st d02 - MALTBR dOl (23,16) ©02 in 

1st d03 - MALTBR d02 (31,24) ©03 in 

1st dlO - MALTBR ARBN (7,0) olO in 

1st dll - MALTBR dlO (15,8) oil in 

1st dl2 * MALTBR dll (23,16) ©12 in 

1st dl3 - MALTBR dl2 (31,24) ol3 in 

1st d20 * MALTBR ARBN (7,0) o20 in 

1st d21 - MALTBR d20 (15,8) o21 in 

1st d22 * MALTBR d21 (23,16) o22 in 

1st d2 3 - MALTBR d22 (31,24) o23 in 

1st d30 « MALTBR ARBN (7,0) o30 in 

1st d31 * MALTBR d30 (15,8) o31 in 

1st d32 - MALTBR d31 (23,16) o32 in 

1st d33 « MALTBR d32 (31,24) o33 in 

1st o0_0 - ALTER ARBN (0) (Ham_Bnc rsp d03) in 

1st ol_0 * ALTBR o0_0 (1) (bs > 0 *> (Ham_Bnc rsp d!3) | ARBN) in 

1st o2_0 « ALTBR ol_0 (2) {bs > 1 «> (H*m_Bnc rsp d23) I ARBN) in 

1st o3_0 ■ ALTBR o2_0 (3) (bs > 2 ■> (Ham_Bne rsp d33 ) | ARBN) in 

1st MB_Data_out ■ o3_0 in 

1st MB_BS_out - PBJBS^inB s in 

1st CB_Opcods_out m CBM_Idls in 

1st CB_Addr_out - (ARBNi wordn) in 

1st CB_Data_out * (ARBN mum-> wordn) in 

1st CB_JBS_out * (ARBN: wordn) in 

1st CB_BK_out ■ ( ARBN :num-> wordn) in 

(PIUTOut PB_Opcods_out PB_Data_out MB_Opcods_out MB_Addr _ou t MB_Data_out 
MB_BS_out CB_Opcods_out CB_Addr_ou t CB_Data_out CB_BS_out 
CB_BK_out ) » 


1st PRsadLM_OF ■ nsw_dsf inition 
( # PRsadLM_OF / , 

" ! (rsp i A RBP_ty) (s :piut_stats) (s :piut_snv) 

PRsadLM_OF rsp s s * 

1st PB_Opcods_out ■ PBS_Rsady in 

1st PB_Data_out * MB_Data_inB s in 

1st MB_Opcods_out a KBMLRsadLM in 
1st bs - VAL 1 ( PB_BS_inK s) in 
1st aO ■ PB_Addr_inB s in 
1st a0_0 a ALTBR ARBN (0) aO in 

1st al_0 - ALTBR a0_0 (1) (bs > 0 -> (INCN 18 aO) | ARBN) in 

1st a2_0 « ALTBR al_0 (2) (bs > 1 *> (INCN 18 (INCN 18 aO) ) | ARBN) in 

1st a3_0 a ALTBR a2_0 (3) (bs > 2 a> (INCN 18 (INCN 18 (INCN 18 aO) ) ) 

) ARBN) in 

1st MB_Addr_out * a3_0 in 

1st MB_Data_out - (ARBN:num->wordn) in 

1st MB_BS_out . PB_BS_inB s in 

1st CB_Opcods_out a CBM_Idls in 

1st CB_Addr_out a (ARBN: wordn) in 

1st CB_Data_out a ( ARBN mum- > wordn) in 

1st CB__BS_out - (ARBN : wordn) in 

1st CB_BB_out a ( ARBN : num- >wordn ) in 

(PIUTOut PB_Opcods_out PB_Data_out MB_Opcods_out MB„Addr_out MB_Data_out 
MB__BS_out CB_Opcods_out CB_Addr_out CB_Data_out CB_BS_out 
CB_BB_out ) " 


1st PWritsPIU_OF a nsw_ds£ inition 
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( 'PWritaPIU_OF' , 

« ! (rap i A REP_ty) (s :piut_atata) (• :piut_anv) . 

PWritaPIU_OF rap a a * 

lat PB__Opcoda_out ■ PBS_Raady in 

lat PB_Data_out * (ARBN j num- >wordn) in 

lat MB_Opcoda_out * MBM_Idla in 

lat MB_Addr_out = ( ARBN : num- >wordn ) in 

lat MB_Data_out * (ARBN : num- >wordn) in 

lat MB_BS_out * (ARBNtwordn) in 

lat CB_Opcoda_out * CBM__Idla in 

lat CB_Addr_out - (ARBN:wordn) in 

lat CB_Data_out * { ARBN: num- >wordn) in 

lat CB_BS_out * (ARBNtwordn) in 

lat CB_BB_out ■ ( ARBN: num- >wordn) in 

( PIUTOut PB_Opcoda_out PB_Data_out MB_Opcoda_out MB_Addr_out MB_Data_out 
MB_BS_out CB_Opcoda_out CB_Addr_out CB_Data_out CB__BS_out 
CB_BB_out ) " 

) ; J 

lat PRaadPIU_OP * naw_daf inition 
( ' PRaadPIXJ_OF ' , 

*\ (rap t A RBP_ty) (a :piut_atata) (a :piut_anv) . 

PRaadPIU_OF rap a a - 

lat PB_Opcoda_out » PBS_Raady in 
lat ba ■ VAL 1 (PB_BS_inB a) in 

lat dO - (RagOP (PB_Addr_inB a)) -> RT_icrS a I 

(Rag IP (PB_Addr_inB a)) => RT_icrS a I 

<Rag2P (PB_Addr_inB a)) *> RT_gcrS a I 

(Rag3P (PB_Addr_inB a)) «> RT_ccrS a I 

(Rag4P ( PB_Addr_inB a)) *> RT_arS a | 

(Rag8P ( PB_Addr_inB a)) *> RT_ctrO_inS a I 
(Rag9P (PB_Addr_inB a)) *> RT_ctrl_iaS a I 
(RaglOP (PB_Addr_inB a)) «> RT_ctr2_inS a l 
(RagllP ( PB_Addr_inB a)) ■> RT_ctr3_inS a | 

(Rag 12 P (PB_Addr_inB a)) «> RT_ctrOS a I 

(Rag 13 P (PB_Addr_inB a)) *> RT_ctrlS a I 

(RagliP (PB_Addr_inB a)) ■> RT_ctr2S a I 

(RaglSP (PB_Addr_inK a)) ■> RT_ctr3S a I ARBN in 

lat dl « (ba > 0) 

«> (RaglSP ( PB_Addr_inB a)) »> RT_icrS a I 
(RagOP (FB_Addr_inB a) ) *> RT_icrS a | 

(RaglP ( PB_Addr__inE a)) *> RT_gcrS a I 

(Rag2P (FB_Addr_inB a)) => RT_ccrS a I 

(Rag3P (PB_Addr_inB a) ) *> RT_arS a I 

( Rag7 P (PB_Addr_in B a)) »> RT_ctrO_inS a | 

(Rag8P (PB_Addr_inB a)) *> RT_ctrl_inS a 1 

(Rag9P ( PB_Addr_inE a)) «> RT_ctr2_inS a I 

(RaglOP ( PB_Addr_inB a) ) ■> RT_ctr3_inS a | 

(RagllP (PB_Addr_inB a)) «> RT_ctrOS a | 

(Ragl2P (PB_Addr_inS a)) «> RT_ctrlS a | 

(Ragl3P (PB_Addr_inB a)) «> RT_ctr2S a | 

(Ragl4P (PB_Addr_inB a) ) -> RT_ctr3S a I ARBN 

| ARBN in 
lat d2 * (ba > 1) 

*> (Ragl4P (PB_Addr_inB a)) *> RT_icrS a I 
(RaglSP ( PB_Addr_inB a)) «> RT_icrS a I 
(RagOP (PB_Addr_inB a)) ■> RT_gcrS a I 

(RaglP ( PB__Addr_inB a) ) *> RT_ccrS a I 

(Rag2P ( PB_Addr_inB a)) -> RT_arS a 1 

(RagfiP (PB_Addr_inB a)) -> RT_ctrO_inS a I 

(Rag7P (PB_Addr_inE a)) -> RT_ctrl_inS a I 

(RagSP ( PB_Addr_inB a)) -> RT_ctr2_inS a I 

(Rag9P (PB_Addr_inB a)} = > RT_ctr3_inS a | 

(RaglOP (PB_Addr_in B a)) *> RT_ctrOS a | 

(RagllP (PB_Addr_inB a)) *> RT_ctrlS a I 
(Ragl2P (PB_Addr_inB a) ) *> RT_ctr2S a I 
(Ragl3P ( FB_Addr_inB a) ) => RT_ctr3S a | ARBN 

| ARBN in 
lat d3 * (ba > 2) 

=> (RaglSP ( PB_Addr_inB a}) *> RT_icrS a I 
(Ragl4P (PB_Addr_inB a)) «> RT_icrS a I 
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(Ragl5P (PB_Addr_inE a) ) »> RT_gcrS * I 
(RagOP ( PB_Addr_inE •) ) «> RT_ccrS a | 

(RaglF ( PB_Addr_inE a) ) «> RT_*rS a | 

(Rag5P ( PB_Addr_inE •) ) ■> RT_ctrG_inS a | 

(Rag6P (PB_Addr_inE a) ) »> RT_ctrl_inS a | 

(Rag7F (PB_Addr_inE •) ) »> RT_ctr2_inS a I 

(Rag6P ( PB_Addr__inE •) ) -> RT_ctr3_inS a | 

(Rag9P (PB_Addr_inE a)) s> RT_ctrOS a | 

(RaglOP (PB_Addr_inE a) ) -> RT_ctrlS a | 

(RagllP (PB_Addr_inB a)) => RT_ctr2S a | 

(Ragl2F (PB_Addr_inE •) ) *> RT_ctr3S • I ARBN~ 

| ARBN in 
lat PB_Data_out ■ 


ALTER (ALTER (ALTER (ALTER ARBN(O) dO)(l) dl)(2) d2)(3) d3 in 
lat MB_Opcoda_out * MBM_Idl* in 
lat MB_Addr_out = (ARBN: num- > wordn) in 
1st MB„Data_out * ( ARBN : nun- >wordn ) in 
lat MB_BS_out • (ARBN: wordn) in 
lat CB_Opcoda_out • CBM_Idla in 
lat CB_Addr_out * (ARBN: wordn) in 
lat CB_Data_out ■ (ARBN :num- > wordn) in 
lat CB_BS_out ■ (ARBN: wordn) in 
lat CB_BB_out ■ ( ARBN: num-> wordn) in 


(PIUTOut PB_Opcoda_out PB_Data_out MB_Opcoda_out MB_Addr_ou t MB_Data_out 
HB_BS_out CB_Op c oda _ou t CB_Addr_out CB_Data_out CB_BS_out 
CB_BB_out ) * 


lat PWritaCB__OF * naw_daf inition 
( ' PWritaCB_OF ' , 

" ! (rap > A REF__ty) (a :piut_atata) (a :piut_anv) . 

PWritaCB_OF rap a a * 

lat PB_Opcoda_ou t * PBS_Raady in 

lat PB_Data_out * ( ARBN : num- >wordn ) in 

lat MB_Opcoda_out « MBM_Idla in 

lat MB_Addr_out « ( ARBN : num- > wordn) in 

lat MB_Data_out m ( ARBN : num- >wordn ) in 

lat MB__BS_out » (ARBN: wordn) in 

lat CB_Opcoda_out ■ CBM_WritaCB in 

lat CB_Addr_out * PB_Addr_inE a in 

lat ba * VAL 1 ( PB_BS_inK a) in 

lat do « ELEMENT (PB_Data_inB a) (0) in 

lat dl * ELEMENT (PB_Data_inE a) (1) in 

lat d2 » ELEMENT (PB_Data_inE a) (2) in 

lat d3 - ELEMENT (PB_Data_inB a) (3) in 

lat oO - ALTER ARBN (0) (Par_Enc rap dO) in 

lat ol - ALTER oO (1) (ba > 0 •> (Par_Enc rap dl) | ARBN) in 

lat o2 * ALTER ol (2) (ba > 1 *> (Par_Enc rap d2) ! ARBN) in 

lat o3 - ALTER o2 (3) (ba > 2 «> (Par_Bnc rap d3) t ARBN) in 

lat CB_Data_out * o3 in 

lat CB_BS_out « PB_BS_inE a in 

lat CB_BE_out * PB_BE_inE a in 


(PIUTOut PB_Opcoda_out PB_Data_out MB_Opcoda_out MB_Addr _ou t MB_Data_out 
MB_BS_out CB_Opcoda_out CB_Addr_out CB_Data_out CB_BS_out 
CB_BE_out ) " 


lat PRaadCB_OP - naw_daf inition 
( ' PRaadCB_OF ' , 

*1 (rap * A REF_ty) (a :piut_atata) (a ipiut_anv) . 

PRaadCB__OF rap a a ■ 

lat PB_Opcoda_out * PBS_Raady in 

lat ba « VAL 1 ( PB_BS_inE a) in 

lat dO « ELEMENT (CB_Data_inE a) (0) in 

lat dl « ELEMENT (CB_Data_inE a) (1) in 

lat d2 * ELEMENT (CB_Data_inB a) (2) in 

lat d3 - ELEMENT (CB_Data_inB a) (3) in 

lat oO - ALTER ARBN (0) (Par_Dac rap dO) in 

lat ol - ALTER oO (1) (ba > 0 •> (Par_Dac rap dl) | ARBN) in 

lat o2 - ALTER ol (2) (ba > 1 -> (Par.Dac rap d2) i ARBN) in 
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lat o3 = ALTER o2 (3) (ba > 2 *> (Par_Dac rap d3 ) | ARBN) in 

lot PB_Data_out * o3 in 

lat MB_Opcoda_out * MBM_Idla in 

lat MB_Addr_out * (ARBN:num->wordn) in 

lat MB_Data_out * (ARBNi num->vordn) in 

lat MB_BS_out * (ARBNiwordn) in 

lat CB_Opcoda_out * CBH_RaadCB in 

lat CB_Addr_out * PB_Addr_inE a in 

lat CB_Data_out * (ARBN : num->wordn) in 

lat CB_BS__out » PB_BS_inE a in 

lat CB_BB_out = PB_BB_inE a in 

( PIUTOut PB_Opcoda_out PB_Data_out MB_Opcoda_out MB _ Addr_ou t MB_Data_out 
MB_BS_out CB_Opcoda_out CB_Addr_out CB_Data_out CB„BS_out 
CB_BB_out ) " 


% 

PIU P-Procaaa intarpratar dafinition. 


% 


lat PIUP_Exac = naw_daf ini t ion 

( ' PIUP_Bxac J , . 

"! (pi tPI) (a i timaT->piut_atata) (a t timaT->plut_anv) (p : timaT->piut_out ) 

(t itimaT) . 

PIUP_Bxac pi i • p t « 

( ERM_Rasat_inE (at) * BRM_NoRaaat) /\ 

((pi ■ PWritaLM) ■> (PB_Opcoda_inE (at)* PBM_WritaLM) I 

(pi * PRaadLM) *> (PB_Opcoda_inB (at) * PBM_RaadLM) | 

(pi * PWritaPIU) ■> ( PB_Opcoda_inB (at) * PBM_WritaPIU) I 

(pi * PRaadPIU) *> ( PB_Opcoda_inB (at) * PBM_RaadPIU) I 

(pi = PWritaCB) *> ( PB_Opcoda_inK (at) * PBM_WritaCB) 

* (pi ■ PRaadCB) % I ( PB_Opcoda_inB (at) * PBM_RaadCB) ) * 

);; 

lat PlUP_PraC * naw_daf inition 

( 'PIUP_PraC' , 

* ! (pi jpi) (« i timaT->piut_atata) (a i timaT->piut_anv) (p i t imaT- >piut_out ) 
(t itimaT) . 

pIUP_PraC pi a a p t * ( ST_f as*_atataS (at) ■ SO)" 

) ; ; 

lat PIUP_PoatC * naw_daf inition 

( 'PIUP_PoatC', 

"l (rap i A RBF_ty) (pi :PI) (a : timaT->piut_atata) (a : timaT->piut_anv) 

(p i timaT->piut_out ) (t itimaT) * 

PIUP_PoatC rap pi a a p t * 

(pi - PWritaLM) *> ((a (t+1) * PStabla_Stata_NSF (a t) (a t)) /\ 

(p t * PWritaLM_OF rap (a t> (at))) I 
(pi - PRaadLM) -> ((a (t+1) - PStabla_Stata_NSF (a t) (a t)) /\ 

(p t * PRaadLM_OF rap (at) (at))) I 
(pi * PWritaPIU) *> ((a (t+1) * PWrita_PIU_NSF (a t) (a t)) /\ 

(p t * PWritaPIU_OF rap (a t) (at))) I 
(pi * PRaadPIU) *> ({a (t+1) * PStabla_Stata_NSF (a t) (a t) ) /\ 

(p t * PRa adP IU_OF rap (a t) (at))) I 
(pi * PWritaCB) -> ((a (t+1) * PStabla_Stata_NSF (a t) (a t)) /\ 

(p t * PWritaCB_OF rap (a t) (at))) I 
% (pi * PRaadCB) => % ((a (t+1) - PStabla_Stata_NSF (a t) (a t) ) /\ 

(p t * PRaadCB_OF rap (at) (at)))* 

) > ; 

lat PIUP_Corract * naw_daf inition 

( 'PIUP_Corract * , 

u \ (rap i A RBP_ty) (pi tPI) (a : timaT->piut_atata ) (a : timaT->piut_anv) 

(p :timaT->piut_out ) (t itimaT) . 

PIUP_Corract rap pi a a p t * 

PIUP_Bxac pi a apt /\ 

PIUP_PraC pi a a p t 
■» 

PIUP_PoatC rap pi a a p t" 

) ;; 
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lat PIUPSat_Corract » naw_daf ini t ion 
( ' PlUPSat_Corract ' , 

u l (rap : A RBP_ty) (s : timaT->piut_stata) ( a : timaT->piut_anv) . 
PIUPSat_Corract rap saps I (pi :PI) (t :timaT) . PIUP_Corract rap pi i a p t" 
);; 

closa_thaory ( ) / / 


4.2 P-Port Transaction-Level Specification 

This section contains the theories ptauxp_def, ptranspjdef, and ptabs_def, defining the P-Port transac- 
tion-level data structures, interpreter, and abstraction, respectively. 


% 


Fila: ptauxp_daf.ini 

Author: (c) D.A. Fura 1992-93 

Data: 3 March 1993 

This fila contains typas and dafinitions for tha t ransact ion- 1 aval 

spacif ication of tha P-Procass of tha PIU P-Port. 


% 


sat_flag ( 'timing ' , trua) j / 

sat_saarch_path ( saarch_path ( ) & ( • /homa/alvis6/dfura/f tap /piu /hoi /lib/ ' ; 

' /homa/alvisfi/dfura/ftap/piu/hol/pport / ' ; 
* /homa/alvis6/dfura /hoi /Library /tools/ ' 
]);? 

systam ' rm ptauxp_daf . th ' ; ; 

naw_thaory 'ptauxp_daf • / ; 

map new pa rant [ * paux_daf 1 ; • inaq ' ] ; ; 

naw_typa_abbr av ( ' t ima ' , "x num" ) ; ; 
naw_typa_abbrav ( ' t imaT ' , ” x nun" ) ; / 
naw_typa_abbrav ( ' words ' , " t nun- >bool * ) ; ; 
naw_typa_abbrav ( 1 wordnn ' , u x nun- >wordn" f ) / ; 

% 

Abstract data typa for tha P-port instruction sat* 


■% 


lat PTI » 

dafina_typa 'PTI' 

'PTI « PT_Writa | PT_Raad';/ 


% 

Abstract data typa for tha P-port and P-Bus opcodas. 


% 


lat pbmop * 

daf ina_typa ' pbmop ' 

'pbmop « PBM_WritaLM I PBM_WritaPID | PBM_WritaCB I PBM__RaadLM | 
PBM_RaadPIO | PBM_RaadCB I PBM_Illagal ' ; ; 

lat pbsop = 

dafina_typa 'pbsop' 

'pbsop « PBS_Raady I PBS_Illagal ' / ; 
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let ibsop = 

d ef ine_type ' ibaop ' 

' ibaop * IBS_Ready I IBS_Illegal ' ; ; 

lat ibamop = 

da f ine_type # ibamop # 

* ibamop = IBAM_Ready | IBAM_Illegal ' ; ; 

lat ibaaop = 

define_type 'ibaaop' 

'ibaaop ■ IBAS_Ready I IBAS_I1 legal '; / 


lat rmop * 

daf ina_typa ' rmop ' 

'rmop * RM_NoReaet I RM_Illagal ' ; ; 


% 

Abatract data typa for tha mamory accaaa target. 


% 


lat targ_Axiom * 

daf ine_type ' t arg_Axiom ' 

'targ • LM | PIU I CB' / ; 


% 

Abatract data typa for tha atata. 


■% 


lat pt_etate *= 

dafina_typa 'pt_atate' 

'pt_atata * PTState pfem_ty bool bool';/ 

lat PT_f am_atataS = new_recuraive_def ini t ion 
falaa 
pt_atate 
' PT_f am^at at aS' 

"PT_f an^atataS (PTStata PT_fam_atate PT_rqt PT_lock_) * PT_f •nutate"; ; 

lat PT_rqtS ■ new_recuraive_def ini t ion 
falaa 
pt_atate 
' PT_rqtS ' 

"PT_rqtS (PTStata PT_f am^atate PT_rqt FT_lock_) - PT_rqt "?/ 

lat PT_lock_S * naw_racuraiva_daf ini t ion 
falaa 
pt_atata 
' PT_lock_S ' 

"PT_lock_S (PTStata PT_fam_atate PT_rqt PT_lock_) * PT_lock_"/ / 
lat State_CASBS «= 

prova_caaaa_thm (prove_induction_thm pt_atata) / ; 

lat PTSt at a_Sa lac tor a_Work ■ prova_thm 
( ' PTStata_Selectora_Work ' , 

" la xpt_atate . 

a « (PTStata ( PT_f am_atataS a) (PT_rqtS a) (PT_lock_S a))" # 

OKN_TAC 

THEN STRUCT_CASBS_TAC (SPEC •aip^atata"' Stata_CASBS) 

THEN REWRITE_TAC [PT_f am_»tataS; PT_rqtS/ PT_lock_S] 

) / 7 


% 

Abatract data typa for tha environment . 


■% 


lat pt_anv ■ 

defina_type 'pt_env' 

<pt_anv * PTBnv pbmop wordn wordnn vordn wordnn bool ibaop wordnn 
ibaaop rmop ' / ; 

lat PB_Opcode_inE * new_recuraive_def inition 
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falsa 

pt_anv 

' PB_Opcoda_inB ' 

"PB_Opcod«_inB (PTBnv PB_Opcoda_in PB_Addr_in PB_Data_in PB_BS_in 
PB_BB_in PB_Lock_in IB_Opcoda_in IB_Data_in 
IBA_Opcoda_in R»t_Opcoda_in ) 

* PB_Opcod«_in" / / 

lat PB_Addr_inB * naw_racursiva_daf inition 

falsa 

pt_anv 

' PB_Addr_inB ' 

"PB_Addr_inB (PTBnv PB_Opcoda__in PB_Addr_in PB_Data_in PB_BS_in 

PB_BB_in PB_Lock_in IB_Opcoda_in IB_Data_in 
IBA_Opcoda_in Rst_Opcoda__in) 

* PB_Addr_in" ; / 

lat PB_Data_inB * naw_racursiva_daf inition 

falsa 

pt_anv 

' PB_Data_inB ' 

*'PB_Data_inE (PTBnv PB_Opcoda_in PB_Addr_in PB_Data_in PB_BS_in 

PB_BB„in PB_Lock_in IB_Opcoda_in IB_Data_in 
IBA_Opcoda_in R*t_Opcoda_in) 

* PB_Data_ln w / / 

lat PB_BS_inB ■ naw_ra cur siva_daf inition 
falsa 
pt_anv 
' PB_BS_inB ' 

"PB_BS_inE (PTBnv PB_Opcoda_in PB_Addr_in PB_Data_in PB_BS_in 

PB_BB_in PB_Lock_in IB_Opcoda_in IB_Data_in 
IBA_Opcoda_in Rst_Opcods_in) 

» FB_BS_in" ; ; 

lat PB_BB_inB ■ naw_racursiva_daf inition 
falsa 
pt_anv 
' PB_BB_inB ' 

*PB_BB_inB (PTBnv PB_Opcods_in PB_Addr_in PB_Data_in PB_BS_in 

PB_BB_in PB_Lock_in IB_Opcoda_in IB_Data_in 
IBA_Opcoda_in R»t_Opcoda_in) 

- PB_BB_in' f ; / 

lat PB_Lock_inB * naw_racursiva_daf inition 

falsa 

pt_anv 

' PB_Lock_inB ' 

*PB_Lock_±nB (PTBnv PB_Opcoda_in PB _Addr_in PB_Data_in PB_BS_in 

PB_BB_in PB_Lock_in IB_Opcoda_in IB_Data_in 
IBA_Opcoda_in Rst_Opcoda_in) 

■ PB_Lock_in"; ; 

lat IB__Opcoda_inB • naw_racursiva_daf Inition 

falsa 

pt_anv 

' !B_Opcoda_inE ' 

" IB_Opcoda_inB (PTBnv PB_Opcods_in PB_Addr_in PB_Data_in PB_BS_in 
PB_BB_in PB_Lock_in IB_Opcoda_in IB_Data_in 
IBA_Opcoda_in Rst_Opcoda_in) 

« IB_Opcoda_in" ; / 

lat IB_Data_inB * naw_racursiva_daf inition 

falsa 

pt_anv 

' IB_Data_inB ' 

*'IB_Data_inB (PTBnv PB_Opcods_in PB __Addr_in PB_Data_in PB_BS_in 

PB_BB_in PB_Lock_in IB_Opcoda_in IB_Data_±n 
IBA_Opcoda_in Rs t_Opcoda_in ) 

■ IB_Data_in" / / 


lat IBA_Opcoda_inB ■ naw_r a cur siva_daf inition 
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false 

pt_env 

' IBA_Opcode_inB ' 

«IBA_Opcode_inE (PTEnv PB_Opcode_in PB_Addr_in PB_Data_in PB_BS_in 
PB_BB_in PB_Lock_in IB_Opcode_in IB_Data_in 
IBA_Opcode_in Rat_Opcoda_in> 

■ IBA_Opcode_in" ; ; 

lat Rst_Opcode_inB = new_recursive_def ini t ion 
false 
pt_env 

'Rst_Opcode_inE ' 

"Rst_Opcode_inE (PTEnv PB_Opcods_in PB_Addr_ln PB_Data_in PB_BS_in 
PB_BE_in PB_Lock_in IB_Opcode_in IB_Data_in 
IBA_Opcods_in Rst_Opcode_ln) 

* Rst_Opcod*_in" ; ; 
let Bnv_CASES * 

prove_cases_thm (prove_induction_thm pt_env);j 

let PTEnv_Selectors_Work * prove_thm 
( 'PTBnv_Selectors_Work' , 

" ! e i pt_env . 

e = (PTEnv (PB_Opcode_inE e) (PB_Addr_inE e) (PB_Data_lnB e) (PB_BS_inE e) 
(PB_BE_inB e) (PB_Lock_inE e) { IB_Opcode_inE e) 

( !B_Data_inK e) ( IBA„Opcode_inE e) ( Rs t_Opcode_lnE e ) ) " , 

OBN_TAC 

THEN STRUCT_CASES_TAC (SPEC "ejpt.env" Bnv_CASBS) 

THEN REWRITB_TAC [PB_Opcode_inE ; PB_Addr__inE; PB_Data_inB; PB_BS_inB; 

PB_BB_inKj PB_Lock_inB; IB_Opcode_inB ; IB_Data_inB; 
IBA_Opcode_inB; Rst_Opcode„inE] 

) J7 


% 

Abstract data type for the output. 


% 


let pt_out « 

define_type 'pt_out' 

'pt_out * PTOut pbmop wordn wordnn wordn wordnn bool 
ibamop 

pbsop wordnn' ; ; 

let XB_Opcode_out 0 = new_recursive_def lnitlon 
false 
pt_out 

* IB_Opcode_outO * 

" IB_Opcode_outO (PTOut IB_Opcode_out IB_Addr_out IB_Data_out IB_BS_out 

IB_BB_out IB_Lock_out IBA_Opcode_out PB_Opcode_out 
PB_Data_out ) 

* IB_Opcode_out " j / 

let IB_Addr_outO - new_recurslve_def lnitlon 

false 

pt_out 

' IB_Addr_outO ' 

" IB_Addr_out O (PTOut IB_Opcode_out IB_Addr_out IB_Data_out XB_BS_out 

IB_BB_out IB_Lock_out IBA_Opcode__out PB_Opcode_out 
PB_Data_out ) 

* IB_Addr_out " ; j 

let IB_Data_outO * new_recursive_def lnitlon 

false 

pt_out 

' IB_Dat a_out O ' 

« lB_Data_outO (PTOut IB_Opcode_out IB_Addr_out IB_Data_out IB_BS_out 

IB_BB_out IB_Lock_out IBA_Opcode_out PB_Opcode_out 
PB_Data_out ) 

= IB_Data_out"; ; 

l*t lB_BS_outO * new_recurslve_def lnitlon 
false 


205 


pt_out 
' IB_BS_outO ' 

"IB_BS_outO (PTOut IB_Opcoda_out IB_Addr_out IB_Data_out IB_BS_out 

IB_BB_out IB_Lock_out IBA_Opc oda_ou t PB_Opcoda_out 
PB_Data_out) 

* IB_BS_out"; ; 

lat IB_BB_outO * naw_racursiva_daf inition 
falsa 
pt_out 
' IB__BB_OUt0 ' 

" IB_BB_ou t 0 (PTOut IB_Opcoda_out IB_Addr_out IB_Data_out IB_BS_out 

IB_BB_out IB_Lock_out IBA_Opcoda_out PB_Opcoda__out 
PB_Data_out ) 

= IB_BB_out " ; ; 

lat IB_Lock_outO * naw_racursiva_daf lnition 

falsa 

pt_ out 

' IB_Lock__outO * 

“ IB_Loc)c_outO (PTOut IB_Opcoda_out IB_Addr_out IB_Data_out IB_BS_out 

IB_BB_out IB_Lock_out IBA_Opcoda_out PB_Opcoda_out 
PB_Data_out) 

* IB_Lock_out * ; ; 

lat IBA_Opcoda_outO * naw_racursiva_daf ini t ion 

falsa 

pt_out 

* IBA_Op c oda_ou t 0 ' 

"IBA_Opcoda_outO (PTOut IB_ppcoda_out IB_Addr_out IB_Data_out IB_BS_out 

IB_BB_out IB_Lock_out I BA_Opc oda_ou t PB_Opcoda_out 
PB_Data_out ) 

* IBA_Opcoda__out " j ; 

lat PB_Opcoda_outO * naw_racursiva_daf ini t ion 

falsa 

pt_out 

' PB_Opcoda_outO * 

"PB_Opcoda_outO (PTOut IB_Opcoda_out IB_Addr_out IB_Data_out IB_BS_out 

XB__BB_out IB_Lock_out IBA_Opcoda_out PB_Opcoda_out 
PB_Data_out) 

« PB_Opcoda_ou t " / ; 

lat PB_Data_outO « naw_racursiva_daf ini t ion 

falsa 

pt_out 

' PB_Data_outO * 

</ PB_Data_outO (PTOut IB_Opcoda_out IB__Addr_out IB_Data_out IB_BS_out 

IB_BB_out IB_Lock__out IBA_Opcoda_out PB_Opcoda_out 
PB_Data_out ) 

* PB__Data_out" ; j 
lat Out_CASBS x 

prova_casas_thm (prova_induction_th» pt_out)/; 

lat PTOut_Salactors_Wor)c * prova_thm 
( ' PTOut_Salactors_Work ' , 

" I p x pt_out . 

p * (PTOut ( IB_Opcoda_outO p) ( IB_Addr_out O p) ( IB_Data_outO p) 
(IB_BS_outO p) (IB_BH_outO p) ( IB_Lock_outO p) 

( IBA_Opcoda_outO p) (PB_Opcoda_outO p) (PB_Data_outO p))", 

OBN_TAC 

THEN STRUCT_CASKS_TAC (SPBC "p jpt_OUt ^ Out_CASBS) 

THBN RBWRITB_TAC [ IB_Opcoda_outO / IB_Addr_outO ; IB_Data_outO ; IB_BS_outO ; 

IB_BB_outO; IB_Lock_outO ; PB_Opcoda_outO; PB_Data_outO ; 
IBA_Opcoda_ou t 0 ] 

)n 

closa_thaory ( ) ; j 
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File* ptransp_def.ini 

Author* (c) D.A. Fura 1992-93 
Date: 2 March 1993 

Thie file contain* the ml *ource for the trans- level specif ication of the 
P-Port of the FTEP PIU, an ASIC developed by the Embedded Processing 
Laboratory, Boeing High Technology Center. 

% 


a*t_»earch_jpath (search_path( ) 0 [ ' /home/elvis6/dfura/f tep/piu/hol/pport / ' ; 

' /home/elvis6/dfura/f tep/piu/hol/lib/ ' ; 

' /home/ elvis6/dfura/hol /Library/ tool*/ ' 

3 )>/ 

set_f lag ( 'timing true) / / 
system ' rm ptransp_def . th ' ; ; 
new_theory 'ptransp_def ' ; / 

map new_parent [ 'ptauxp_def ' j 1 array_.de f ' ; 'wordn_def ' ] / ; 

% 

Next state definition for P-Port instructions. 


let PT_WriteNSF_A - new_def ini t ion 
( ' PT_WriteNSF_A ' , 

" ! (s xpt_state) (e :pt_env) . 

PT_WriteNSF_A s • « 

let new_PT_f sm_state * PA in 

let new_PT_rqt * F in 

let new_PT_lock_ * PB_Lock_inE e in 

(PTState new_PT_f sm_state new_PT_rqt naw_PT_lock_) ■’ 

)lt 

let PT_WriteNSF_H ■ new_def inition 
( ' PT_WriteNSF_H ' , 

* ! (s xpt_state) (e :pt_env) 

PT_WriteNSF_H s e « 

let new_PT_f sm_state * PH in 

let new_PT_rqt * F in 

let new_PT_lock_ * PB_Lock_inE e in 

(PTState new__PT_f sm_state new_PT_rgt nw_PT_loc)c_) * 

) ?; 

let PT_ReadNSF_A * new_.de f inition 
( ' PT_ReadNSF_A ' , 

"1 (* *pt_state) (e *pt_env) . 

PT_ReadNSF_A s e ■ 

let new_PT_f sm_state * PA in 

let new_PT_rqt * F in 

let new_PT_lock_ * PB_Loc)c_inB e in 

(PTState new_PT_f sm_state new_PT_rqt new_PT_lock _) " 

)i ; 

let PT_ReadNSF_H ■ new_def inition 
( ' P T_Re adNS F_H ' , 

" ! (s *pt_state) (e jpt_env} . 

PT_ReadNSF_H s e * 

let new_PT_f sm_state = PH in 

let new_PT_rqt ■ F in 

let new_PT_lock_ * PB_Locfc_inB e in 

(PTState new_PT_f *m_state new_PT_rqt new_PT_lock _) m 

) ; ; 


% 

Output definition for P-Port instructions. 
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■% 


lat PT_WritaOF ■ naw_daf ini t ion 
( 'PT_WritaOF', 

"l (a jpt_atata) (• ipt_anv) . 

PT_WritaOF a a - 

lat IB_Opcoda_out * PB_Opcoda_inB a in 
lat IB_Addr_out = PB_Addr_inB a in 
lat IB_Data_out * PB_Data_inE a in 
lat IB_BS_out - PB_BS_inB a in 
lat IB_BE_out * PB_BB_in B a in 
lat IB_Lock_out ■ PB_Locfc_inB a in 
lat IBA_Opcoda_out > IBAM_Raady in 
lat PB_Opcoda_out ■ PBS_Raady in 
lat PB_Data_out « ARBN in 


)?; 


(PTOut IB_Opcoda_out IB_Addr_out IB_Data_out IB_BS_out IB_BB__out 
IB_Lock_out IBA_Opcoda_out PB_Opcoda_out PB_Data_out ) " 


lat PT_RaadOF « naw_daf ini t ion 
( ' PT_RaadOP ' , 

“ \ (a tpt_atata) (a ipt_anv) . 

PT_RaadOF a a * 

lat IB_Op coda_out m PB_Opcoda_inB a in 
lat IB_Addr_out « PB_Addr_inB a in 
lat IB_Data_out * ARBN in 
lat IB_BS_out « PB_BS_inB a in 
lat IB_BB_out « PB„BB_inB a in 
lat IB_Lock_out * PB_Lock_inE a in 
lat IBA_Opcoda_out » IBAM_Raady in 
lat PB_Opcoda_out ■ PBS_Raady in 
lat FB_Data_out * IB_Data_inE a in 


);/ 


(PTOut IB_Opcoda_out IB_Addr_out IB__Data_out IB_BS_out IB_BB_out 
IB_Lock_out IBA_Opcoda_out PB_Opcoda_out PB_Data_out ) " 


%- 

P-Port intarpratar dafinition. 


% 


lat PT_Bxac * naw_daf inition 
( 'PT_Bxac' , 

** ! (pti *PTI) (a x tin»aT->pt_atata) (a : timaT->pt_anv) 
(t ttimaT) . 

PT_Kxac pti a apt * 

(Rat_Opcoda_inB (a t) 

( IB_Opcoda_inB (at) « 

( IBA_Opcoda_inB (a t ) 

((pti - PT_Writa) -> 


> RM.NoRaaat) / \ 
IBS_Raady) /\ 

■ IBAS_Raady) /\ 


)/? 


( ( PB_Opcoda_inE 
( PB_Opcoda_inB 
( PB_Opcoda_inB 
(pti - PT_Raad) % \ 
( ( PB_Opcoda_inB 
( PB_Opcoda_inB 
( PB_Opcoda_inB 


t) * PBM_WritaLM) \/ 
t) - PBM_WritaPIU) \/ 
t) * PBM_WritaCB) ) 

t) - PBM_RaadLM) \/ 
t) * PBM_Ra adP IU ) \/ 
t) - PBM_RaadCB ) ) ) w 


(p itimaT->pt_out ) 


lat PT_PraC ■ naw__prim_rac_daf inition 
( ' PT_PraC ' , 

w (PT_PraC (pti t PTI) a a p 0 * 

- (PT_f am^atataS (a 0) * PD) /\ 

(PT_rqts (a 0) - F) ) /\ 

( PT_PraC pti a a p (SUC t) - 

- (PT_f anv_*tataS (a (SOC t)) - PD) /\ 

(PT_rqtS (a (SUC t)) - F) /\ 

((PT_Bxac PT_Writa a a p t /\ PT_PraC PT_Writa a a p t) \/ 
( PT_Kxac PT_Raad a apt / \ PT_PraC PT_Raad a a p t ) ) ) » 

);/ 
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let PT_PoatC = new_def inition 
( ' PT_PoetC ' , 

* i (pti i PTI ) (a : timeT->pt_atate) (e : timeT->pt_env) (p : timeT->pt_out ) 
It xtimeT) 

PT_PoatC pti • e p t * 

(pti « PT_Write) *> ( ( (• (t + 1) = PT_WriteNSF_A (a t) (e t) ) \/ 

(a (t+1) * PT_WriteNSF__H (a t) (e t) ) ) /\ 

(p t * PT_WriteOF (at) (at))) 

% (pti = PT_Read) % I (((a (t+1) * PT_ReadNSF_A (a t) (e t)) \/ 

(a (t+1) « PT_ReadNSF_H (at) (et))) /\ 

(p t * PT_ReadOF (at) (e t))) w 

);/ 

let PT_Correct ■ new_def ini t ion 
( ' PT_Correct # , 

"1 (pti : PTI ) (a : timeT->pt_atate) (e : timeT->pt_env) (p : timeT->pt_out ) 
(t xtimeT) . 

PT_Correct pti a e p t * 

PT_Bxec pti a e p t /\ 

PT_PreC pti a e p t 

BS> 

PT_POBtC pti B I p t* 

) ; ; 

let PTSet_Correct * new_def ini t ion 

( 'PTSet_Correct ' , 

- | (s x timeT->pt_atate) (e : timeT->pt_env) (p : timeT->pt_out ) 
PTSet_Correct a e p * ! (pti: PTI) (t xtimeT) » PT_Correct pti a e p t w 
) ; ; 

cloae_theory ( ) ; / 


File: ptaba_def.ml 

Author: (c) D. A. Fura 1992-93 

Date: 6 March 1993 


■% 


aet_aearch_path ( aearch_path ( ) © [ ' /home/elviafi/dfura/f tep/piu/hol/pport/ ' ; 

' /home/elvia6/dfura/ftap/piu/hol/lib/ ' ; 

' /home/elvia6/dfura/hol/Library/toola/ ' ; 

4 /home/elvie6 /dfura/hol/ml/ ' 

] ) ; ; 


aet_f lag ( 'timing true) / > 
system ' rm ptaba_def . th ' ; ; 
new_theory 'ptaba_def ' / ; 

map naw_parant [ 'piuaux_daf ' » 'ptauxp.daf ' > 'paux_da£'j 'array_da£ ' i 'wordn_da £ ' i 
'bu»n_da£ ' ; 'tamploflic_da£ ' ; 'ptran»p_da£ ' > 'pclock_da£ ' ] j j 

new_type_abbrev ( 'time 9 , w i num" ) / ; 
new_type_abbrev ( ' t imeT ' , ” : nun" ) ; / 
new_ t ype_abb r e v ( ' t imeC ' t num* ) / ; 

% L_Bua atart-of -tranaaction aignal. % 
let ale_aig_pb * new_def inition 
( ' ale_aig_pb ' , 

* ! (e' : timeC->pc_env) . 

ale_aig_pb e' ■ \u':timeC. -BSel ( L_ada_E (e' u')) /\ BSel(L_den_B (e' u')) w 
) ;; 

% i_Bue atart-of -tranaaction aignal for the P Proceaa. % 
let ale_eig_ib ■ new_def inition 
( 'ale_aig_ib' , 
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"I (p' : timac ->pc_out) . 

ala_sig_ib p' * \u's timac. BSal (l_hlda_0 (p' u')) /\ 

( (BSal(I_mala_0 (p' u')) * LO) \/ 

(BSal (I_rala_o (p' u')> » LO) \/ 

{ BSa 1 { l_cala_0 (p' u')) - F ) ) " 

) ? ; 

% I_Bus and-of -transaction signal (I-Bus mastar parspactiva) . % 
lat ack_sig_ib * naw_daf ini t ion 
( 'ack_sig_ib' , 

(a' : timac->pc_anv) (p' : timac ->pc_out ) . 
ack_sig_ib a' p' ■ 

\u' : timac . (BSal(I_last_0 (p' u')) = LO) /\ -BSal (I_srdy_B (a' u'))" 

) ; / 

% I_Bus and-of -data -word signal - transaction not finishad. % 
lat rdy_sig_ib * naw_daf inition 
( 'rdy_sig_ib' , 

"l (a' : timac ->pc_anv) (p' ! timaC ->pc_out ) 
rdy_aig_ib a ' p ' = 

\u': timaC. (BSal ( l_last_0 (p' u')) * HI) /\ -BSal ( I_srdy_B (a' u')) w 

);/ 


% 

Abstraction pradicata for an Intal 80960 L_Bus slava. 


% 


lat PB_Slava * naw_daf inition 
( ' PB_Slava ' , 

"PB_Slava (pti : PTI ) 

(a r timaT->pt_anv) (p t timaT->pt_out ) (t JtimaT) 

(a' i timaC- >pc_anv) (p' j timaC ->pc_out) (tp' : timaC) « 

% slava-raady 0,1,2, 3 timas. % 

lat t'rdyO « Bu'. NTH_TIMB_FALSB 0 (bsig L_raady_0 p') tp' u' in 

lat t ' rdyl « Bu'. NTH_TIMB_FALSB 1 (bsig L_raady_0 p') tp' u' in 

lat t ' rdy2 * Bu'. NTH_TIMH_PALSB 2 (bsig L_raady_0 p') tp' u' in 

lat t'rdy3 ■ Bu'. NTH_TIMB_FALSB 3 (bsig L_raady_0 p') tp' u' in 

lat writa * (ASal(L_wrK (a' tp'))) in 
lat raad « (-writa) in 

lat bs « (VAL 1 (SUBARRAY (BSal (L_ad_inB (a' tp' ) ) ) (1,0))) in 

% and-of -transaction tima. % 

lat t'ack ■ Bu', NTH_TIMB_FALSB bs (bsig raady_0 p' ) tp' u' in 
lat valid_rqt « 

(iu'. LBSS_THAN_N_TIMBS_PALSB bs (bsig L_raady_0 p') tp' u' «*> 

S TABLB_F ALSB (ala_sig_pb a') (tp ' +l,u ' +1) ) in 
lat valid_ack ■ 

<(7t'ack. N_TIMES_FALSE bs (bsig L_raady_0 p') tp' t'ack) /\ 

( STABLB_AB_OFFn ( s ig L_ad_outO p ' ) ( tp ' , tp ' ) ) / \ 

(writa *»> 

(lu'. STABLB_PALSE (ala_sig_pb a') (tp'+l,u # ) >»> 

STABLB_AB_OFPn ( s ig L_ad_out O p') ( tp ' + 1 , u ' ) ) ) /\ 

( lu ' . STABLB_FALSB (ala_sig_pb a') (t'ack,u') ==> 

STABLB_AB_OFFn (sig L_ad_outO p' } (t ' ack+l,u ' ) ) ) in 

lat Imam * 

( (ELEMENT (ASal ( L_ad_inE (a' tp'))) (31) - F) /\ 

(-(SUBARRAY ( ASal (L_ad_inB (a' tp' ) ) ) (25,24) « {WORDN 1 3)))) in 

lat piu ■ 

((ELEMENT ( ASal ( L_ad_inB (a' tp'))) (31) « F) /\ 

(SUBARRAY (ASal (L_ad_inE (a' tp'))) (25,24) « (WORDN 13))) in 
lat cbus * 

(ELEMENT ( ASal ( L_ad_inB (a' tp'))) (31) « T) in 

lat dwO - 

((writa /\ STABLE_AB (sig L_ad_inB a') ( tp ' +1, t 'rdyO) ) 

*> (ASal(L_ad_inB (a' t'rdyO))) | ARBN) in 
lat dwl * 

((writa /\ (bs > 0) /\ STABLB_AB (sig L_ad_inB a ' ) (t 'rdy0+l, t 'rdyl) ) 
-> ( ASal ( L_ad_inE (a' t'rdyl))) | ARBN) in 
lat dw2 * 

((writa /\ (bs > 1) /\ STABLB_AB (sig L_ad_inB a ' ) ( t 'rdyl+1, t ' rdy2 ) ) 
*> (ASal (L_ad_inB (a' t'rdy2))) J ARBN) in 
lat dw3 * 
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( (writ* /\ (b» > 2) /\ STABLB_AB(aig L_ad_inB • ') ( t ' rdy2+l, t ' rdy3 ) ) 
=> (ASal(L_ad_inE (a' t'rdy3))) I ARBN} in 
lat baO = (ASal(L_ba_E (a' tp'))) in 
lat bal * 

( ( (ba > 0) /\ STABLB_AB(»ig L_b«JS • ' ) (t ' rdyO+1, t ' rdyl) ) 

»> (AS«l(L_b«_B (•' t 'rdyl) ) ) I ARBN) in 
lat ba2 * 

( ( (ba > 1) A STABLB_AB(aig L_ba_B a ' ) (t 1 rdyl+1, t ' rdy2 ) ) 

*> (ASal ( L_ba_B (a' t'rdy2))) I ARBN) in 
lat ba3 = 

(((ba > 2) /\ STABLB_AB ( a ig L_ba_B a ') (t ' rdy2+l , t ' rdy3T ) 

*> (ASal (L_ba_B (a' t'rdy3))) I ARBN) in 
lat drO * (wordnVAL (BSal (L_ad_outO (p' t'rdyO)))) in 

lat drl * ((ba > 0) -> wordnVAL (BSal (L_ad_outO (p' t'rdyl))) I ARBN) in 

lat dr2 • ( (ba > 1) -> wordnVAL (BSal <L_ad_outO (p' t'rdy2))) I ARBN) in 

lat dr3 = ( (ba > 2) -> wordnVAL (BSal (L_ad_outO (p' t'rdy3))) I ARBN) in 

( ( PB_Opcoda_inE (at) * 
valid_rqt »> 

(Imam => (writ a => PBM_WritaLM ! PBM_RaadLM) I 
piu «> (writa «> PBM_WritaPIU | PBM_RaadPIU) I 
cbua *> (writa *> PBM_WritaCB I PBM_RaadCB) I PBM_Illagal) I 
PBM_Illagal) /\ 

(PB_Addr_inB (a t) = SUBARRAY (ASal ( L_ad_inB (a' tp'))) (25,2)) /\ 

( PB_Data_inB (at) » 

ALTER (ALTER (ALTER (ALTER ARBN 0 dwO) 1 dwl) 2 dw2 ) 3 dw3 ) /\ 
(PB_BS_inE (a t) * SUBARRAY (BSal (L_ad_inK (a' tp'))) (1,0)) /\ 

( PB_BB_inE (at) * 

ALTER (ALTER (ALTER (ALTER ARBN 0 baO) 1 bal) 2 ba2) 3 ba3) /\ 

(PB_Lock_in B (at) * BSal (L_locfc_B (a' tp'))) /\ 

( pB_Opcoda_outO (p t) * ( valid_ack *> PBS_Raady I PBS_Illagal) ) /\ 
(PB_Data_outO (p t) * 

ALTER (ALTER (ALTER (ALTER ARBN 0 drO) 1 drl) 2 dr 2) 3 dr 3 ) ) " 


% 

Abatraction pradlcata for an I -Bu a arbitration maatar. 


lat IBA_PMaatar « naw_daf inition 
( ' IBA_PMaatar ' , 

"IBA_PMaatar (pti :PTI) 

(a : timaT->pt_anv) (p t t imaT->pt_out ) (t ttimaT) 

(a' x timaC->pc_anv) (p' x timaC->pc_out ) * 

( IBA_Opcoda_inE (at) ■ 

( ( ju ' « ?v' . STABLE_PALSE_THBN_TRUB (baig I_hold_B a') (u',v')) /\ 

( lu ' . CHANGE S_FALSB (baig l_crqt_0 p') u' ■-> 

( ?v' . (u' < V' ) /\ 

STABLB_TRUE_THBN_FALSB (baig I_cgnt_E a') (u',v'))) /\ 

(!u'. BSal ( l_crqt_0 (p' u')) *■> BSal ( I_cgnt_E (a # u'))) /\ 

( !u' . -BSal (I_cgnt_B (a' u')) ■■> 

(BSal (I_hold__E (a' u')) /\ BSal ( I_hold_B (a' (u'-l)))))) 

*> IBAS_Raady I IBAS_Illagal) /\ 

( IBA_Opcoda_outO (p t) * 

( ( lu ' . ?v'. STABLB_FALSE_THBN_TRUE (baig I_hlda_Op') (u',v')) /\ 

( ! u ' . CHANGE S_PALSE (baig I_hold_B a') U' *«> 

( ?v' . (u' < v' ) /\ 

STABLB_TRUB_THEN_FALSB (baig l_hlda_0 p' ) (u' ,v' ) ) ) ) 

*> IBAM_Raady I IBAH_Illagal ) * 

);; 


% 

Abatraction pradicata for an I-Bua maatar . 


% 


lat IB_PMaatar * naw_daf inition 
( ' IB_PMaatar ' , 

*IB_PMaatar (pti iPTI) 

(a 1 1 imaT- >pt_anv) (p : timaT->pt_out ) (t stimaT) 

(a' : t imaC - >pc_anv ) (p' t t imaC - >pc_out ) (ti' :timaC) = 
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lat writ# - (BLBMBNT (BSal (I_ad_outO (p' ti'))) (27) « HI) in 

lat r*ad * (ELEMENT (BSal (I_ad_outO <p' ti'))) (27) * LO) in 

lat b» ■ 

{VAL 1 (SUBARRAY (wordnVAL (BSal <I_ad^outO (p' ti " ) ) ) ) (25,24))) in 

lat Imam * (BSal ( l_mala_0 (p' ti')) » LO) in 
lat piu ■ (BSal (l_rala_0 (p' ti')) * LO) in 
lat cbua « (BSal ( l_cala_0 (p' ti')) ® P) in 
lat valid_rqt ■ % I-Bus m&star control signal# valid % 

((Imam «*> (-piu /\ -cbus)) A 
(piu *■> (-cbus)) /\ 

(?u'. STABLB_HI_THBN_LO (bsig I_last_Op') (ti',u'))) in 
lat valid_ack ■ % I -Bus slava control signals valid % 

( ( ?u ' . STABLE_TRUB_THBN_FALSB (bsig I_srdy_B a') (ti'+l,u')) /\ 

(iu'. rdy_sig_ib a' p' u' ■•> 

( ? v ' » STABLE_TRUB_THBN_FALSB (bsig I_#rdy_E a') (u ' +1, v' ) ) ) ) in 
% and-of -activa-transaction tima % 

lat t'ack a Bu'. STABLE_FALSE_THBN_TRUE (ack_sig_ib a' p') (ti',u') in 

% slava_raady 0, 1,2,3 timas % 

lat t'rdyO » ®u'. NTH_TIMB_PALSB 0 (bsig I_srdy_B a') (ti'+l) u' in 

lat t'rdyl * ®u'. NTH_TIHB__FALSB 1 (bsig I__srdy_E a') (ti'+l) u' in 

lat t ' rdy2 a Bu'. NTH_TIMB_FALSB 2 (bsig I_srdy_B a') (ti'+l) u' in 

lat t'rdyl * Bu' . NTH_TIMB_FALSB 3 (bsig I_srdyJB a') (ti'+l) u' in 

% data-valid pradicatas for writa-data words 0,1,2, 3 % 
lat dvO a (t'rdyO <* t'ack A 

STABLB_AB (sig I_ad_outO p') (ti'+l,t 'rdyO) ) in 
lat dvl s ( t ' rdyl < * t ' ack / \ 

STABLB_AB ( sig I_ad_outO p ' ) ( t ' rdyO +1 , t ' rdyl ) ) in 

lat dv2 * ( t ' rdy2 < a t ' ack / \ 

STABLB_AB ( sig I_ad_outO p ' ) ( t ' rdyl +1 , t ' rdy2 ) ) in 

lat dv3 a ( t ' rdy3 < a t ' ack / \ 

STABLE _AB ( s ig I_ad_out O p ' ) ( t ' rdy2 +1 , t ' rdy3 ) ) in 
% writa-data words 0,1, 2,3 % 

lat dO a (dvO a > wordnVAL (BSal ( I_ad_outO (p ' t'rdyO))) | ARBN) in 

lat dl a (dvl a> wordnVAL (BSal ( I_ad_outO (p' t'rdyl))) I ARBN) in 

lat d 2 a (dv2 ■> wordnVAL (BSal ( I_ad_outO (p ' t'rdy2))) ) ARBN) in 

lat d3 a (dv3 a> wordnVAL (BSal ( I_ad_outO (p' t'rdy3))) ) ARBN) in 

% byta-anabla-valid pradicatas for byta anablas 1,2,3 % 
lat bvl a (t'rdyO <a t'ack A 

STABLB_AB (sig l_ba_0 p') ( ti ' +1, t ' rdyO ) ) in 

lat bv2 a (t'rdyl <a t'ack A 

STABLB_AB (sig l_ba_0 p') (t 'rdyO+1, t 'rdyl) ) in 
lat bv3 a (t'rdy2 <a t'ack A 

STABLB_AB ( s ig l_ba_0 p ' ) ( t ' rdyl+1 , t ' rdy2 ) ) in 

% byta anablas 0, 1,2,3 % 

lat bO a NOTN 3 (wordnVAL (BSal (I _ba_0 (p' ti')))) in 

lat bl a (bvl ■> NOTN 3 (wordnVAL (BSal(I_ba_0 (p' t'rdyO)))) | ARBN) in 

lat b2 a (bv2 «> NOTN 3 (wordnVAL (BSal(I_ba_0 (p' t'rdyl)))) i ARBN) in 

lat b3 a (bv3 a> NOTN 3 (wordnVAL (BSal(I_ba_0 (p' t'rdy2)))) I ARBN) in 

% data-valid pradicatas for raad-data words 0,1, 2, 3 % 

lat avO a (t'rdyO <a t'ack) in 

lat avl a (t'rdyl <a t'ack) in 

lat av2 a (t'rdyl <a t'ack) in 

lat av3 a (t'rdy3 <a t'ack) in 

% raad-data words 0,1,2, 3 % 

lat aO a (avO «> BSal (I_ad_inB (a' t'rdyO)) | ARBN) in 

lat al - (avl «> BSal (I_ad_inB (a' t'rdyl)) | ARBN) in 

lat a2 a (av2 «> BSal ( I_ad_inB (a' t'rdyl)) I ARBN) in 

lat a3 - (av3 «> BSal (I_ad_inB (a' t'rdyS)) | ARBN) in 

( ( IB_Opcoda_outO (p t) a 

(valid_rqt /\ writ a A Imam) *> PBM_WritaLM | 

(valid_rqt /\ writ a /\ piu) a> PBM_WritaPIU | 

(valid_rqt /\ writa /\ cbus) a> PBM_WritaCB | 

(valid_rqt /\ raad /\ Imam) *> PBM_RaadLM | 

(valid_rqt A raad A piu) a> PBM_RaadPIU | 

(valid_rqt /\ raad /\ cbus) ■> PBMJlaadCB I PBM_Illagal) A 

( IB_Addr_outO (p t) a 

SUBARRAY (wordnVAL (BSal (I_ad_outO (p' ti')))) (23,0)) A 
(IB_Data_outO (p t) a 

ALTBR (ALTBR (ALTER (ALTER ARBN 0 dO) 1 dl) 2 d2 ) 3 d3 ) A 
(IB_BS_outO (p t) « 


212 



(STABLE_LO (baig l_la*t_0 p') 
(STABLB_HI (baig l_laat_0 p'J 
STABLE_LO (baig l__laat_0 p # ) 
(STABLE_HI {baig l_laat_0 p') 
STABLB_LO (baig l_laat_0 p') 
(STABLE_HI (baig l_laat_0 p') 
STABLE_LO (baig l_laat_0 p') 


{ t i ' +1 , t ' rdyO ) ) *> WORDN 1 0 I 

(ti'+l, t 'rdyO) /\ 

(t ' rdyO+1, t ' rdyl) ) *> WORDN 1 1 I 
(ti'+l,t 'rdyl) /\ 

(t ' rdyl+1, t ' rdy2 ) ) *> WORDN 1 2 I 
(ti '+1, t 'rdy2 ) /\ 

( t ' rdy2 + 1 , t ' rdy3 ) ) *> WORDN 1 3 I ARBN) /\ 


( IB_BB_outO (p t) * 

ALTER (ALTER (ALTER (ALTER ARBN 0 bO) 1 bl ) 2 b2) 3 b3 ) /\ 


( IB_Opcod«_inE (at) = valid_ack => IBS_Raady 1 IBS_Illegal') /\ 
(IB_Data_inB (at) * 

ALTER (ALTER (ALTER (ALTER ARBN 0 aO) 1 al) 2 a2) 3 *3))" 

) ; ? 


lat Rat_Slava * naw_daf inition 
( 'Rat_Slava ' , 

"Rat_Slava (pti iPTI) (a : timaT->pt_anv) (t ttimaT) (a' i timaC ->pc_anv) * 
Rat_Opcoda_inE (at) * 

(Ju'ttimaC. BSaKRatB (a' u')) = F) => RM_NoRaaat I RM_Illagal" 

)/; 


lat PStataAba « naw_daf inition 
( 'PStataAba ' , 

"PStataAba (pti :PTI) (a t timaT->pt_atata) (a : timaT->pt_anv) 

(p : timaT->pt_out) (t :timaT) (a' : timaC->pc_atata) 

(«' : t imaC - >pc_anv ) (p' : timaC ->pc_out ) (tp' :timaC) 


% <t' * 0) % 

(- (P_f anu»tataS (a' 0) ■ PD) A 
(P_rqtS (a' 0) * F) A 
<P_lock_S (a' 0) * T) ) A 
( (tp' > 0) «> 

(P_fanu*tataS (a' tp') » PT_f animat at as (a t)) /\ 

(P_rqts (a' tp') « PT_rqtS (a t)) /\ 

(P_lock_S (a' tp') * PT_lockJS (a t) ) ) A 
( !tp' auc: timaC . 

NTH_TIMB_TRUB (SUC t) (ala_aig_pb a') 1 tp ' auc «> 

(PT_fanu®tataS (a (t+1) ) - P_fam_atataS (a' tp'auc)) /\ 

(PT_rqtS (a (t + D) « P_rgtS (a' tp'auc)) A 
(PT_lock_S (a (t + D) * P_lock_S (a' tp'auc)))" 

);/ 

lat PTAba * naw_daf inition 
( ' PTAba ' , 

"PTAba (pti : PTI ) (a t timaT->pt_atata) (a : timaT->pt_anv) 

(p t t imaT->pt_out ) (t xtimaT) (a' : timaC->pc_ atata) 

(•' t timaC ->pc_anv) (p' : timaC ->pc_out ) = 

(PT_Bxac pti a a p t 

.«> ?tp' . NTH_TU4E_TRUE t (ala_aig_pb a') 0 tp' A (tp' > 0)) A 
(Itp'. NTH_TIMB_TRUB t (ala_aig_pb a') 0 tp' 

**> (Rat_Slava pti a t a' /\ 

PB_Slava pti apta'p' tp' /\ 

IBA_PMaatar pti a p t a' p' A 
PStataAba pti a apt a' a'p' tp')) /\ 

( ! ti ' . NTH_TIMB_TRUE t (ala_aig_ib p' ) 0 ti' 

.*> lB_PHaatar pti a p t a' p' ti') w 

); ; 

lat PTAbaSat a naw_daf inition 
( ' PTAbaSat ' , 

"PTAbaSat (a t timaT->pt_atata) (a t timaT->pt_anv) (p » timaT->pt_out ) 

(a' x timaC->pc_atata) (a' : timaC ->pc_anv) (p' : timaC ->pc_out) « 

1 (pti: PTI) (tttinaT) . PTAba pti a a p t a' a' p'" 

)/; 

loadf ' aux_daf a ' ; / 

lat ASal * daf inition 'piuaux_daf' 'ASal';/ 
lat BSal * dafinition 'piuaux_daf' 'BSal'/j 

lat P B_Addr _ i n_ ISO - prova_thm 
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( ' PB_Addr_in_ISO ' , 

"! (pti : PTI ) (• t timaT->pt_anv) (p i timaT->pt_out) (t itimaT) 

{•' ttimaC->pc_anv) (p' ttimaC->pc_out ) (t' itimaC) . 

PB_Slava pti • p t a' p' t' 

(PB_Addr_inE (• t) * SUBARRAY (FST (L_ad_inB <•' t'))) (25,2))", 

REWRITB_TAC [EXPAND_LET_RULB PB_Slava; ASal ] 

THEN REPEAT STRIP_TAC 
THEN ASM_REWRITE_TAC [ ] 

)?; 

lat PB_BS_in_ISO * prova_thm 
( ' PB_BS_in_ISO ' , 

"I (pti t PTI ) (• : timaT->pt_anv) (p * timaT->pt_out ) (t itimaT) 

(a' : t imaC - >pc_anv) <p' t t imaC - >pc_out ) (t' itimaC) . 

PB_Slava pti apt a' p' t' *■> 

(PB_BS_inB (• t) * SUBARRAY { SND ( L_ad_inB (a' t'))) (1/0))", 

REWRITB_TAC [ BXPAND_LBT_RULB PB_Slava ; BSal ] 

THEN REPEAT STRIP_TAC 
THEN ASMJREWRITB.TAC [ ] 

);/ 

let RM_Opcoda_in_ISO * prova_thm 
( ' RM_Opcoda_in_ISO 1 , 

* I (pti » PTI) (• : timaT->pt_anv) (t itimaT) (a' : timaC->pc_anv) . 

R*t_slava pti a t a' «»> 

( R»t_Opcod«_inE (at) * 

( lu ' t t imaC . BSal (RatE (•' u')) * P) => RM_NoRaaat | RM_Illagal) ", 
REWRI TE__TAC [R»t_Slava j BSal] 

THEN REPEAT STRIP_TAC 
THEN ASM_REWRITB_TAC [ ] 

)/; 

lat IB_Opcoda_in_ISO * prova_thm 
( ' IB_Opcoda_in_ISO ' , 

"1 (pti : PTI ) (a : timaT->pt_anv) (p i timaT->pt_out ) (t itimaT) 

(•' i timaC->pc_anv) (p' r timaC->pc_out ) (ti' :timaC) . 

IB_PMaatar pti a p t a' p' t±' **> 

( IB_Opcoda_inE (at) * 

H?u'. STABLE_TRUB_THE N_F ALSE (baig I_ardy_B a') (ti # +l,u')) /\ 

( lu' * rdy_«ig_ib a' p' u' »*> 

( ?v' . STABLB_TROB_THEN_FAU3E (baig I_ardy_E a') (u r +1, v # ) ) ) ) 

■> IBS_Raady | IBS_Illagal) ", 

REWRI TB_TAC [ EXP AND_LKT_RULE IB_PMaatar /BSal] 

THEN REPEAT STRIP.TAC 
THEN ASM_REWRITB_TAC ( ] 

)tt 

lat IBA_Opcoda_in_ISO * prova_thxn 
( ' IBA_Opcoda_in_ISO ' , 

"l (pti i PTI ) (a i timaT->pt_anv) (p i timaT->pt_out) (t itimaT) 

(a' i timaC->pc_anv) (p' : timaC->pc_out ) (t' itimaC) . 

IBA_PMaatar pti a p t a' p' »> 

( IBA_Opcoda_inB (at) * 

({lu'. ? v ' « STABLE_PALSE_THBN_TRUB (baig I_hold_B a ' ) (u',v')) A 

{ i U ' • CHANGE S_FAI*SB (baig I_crqt_0 p') u' «■> 

(?v # . (u' < v' ) /\ 

STABLS_TRUE_THKN_FALSE ( be ig I_cgnt_E •'} ( u ' , v ' ) ) ) /\ 

(iu'. BSal ( l_crqt_0 (p' u')) »■> BSal (I_cgnt_B (a' u'))) /\ 

<lu'. -BSal { I_cgnt_B (a' u')) «> 

(BSal (I_hold_E (a' u')) A BSal ( I_hold_B (a' (u'-l)))))) 

» IBAS_Raady | IBAS_Illagal) ", 

REWR ITE_TAC [ BXPAND_LBT_RULB IHA.PMaatar; BSal] 

THEN REPEAT STRIP_TAC 
THEN ASM_RBWRITB_TAC [ ] 

);/ 

lat IB _Addr_out_ISO * prova_tbm 
( # IB_Addr_out_ISO ' , 

" l (pti tPTI) (a itimaT->pt_anv) (p i timaT->pt_out ) (t itimaT) 

(a' i timaC->pc_anv) (p' t timaC->pc_out ) (t' itimaC) 

IB_PM*atar pti a p t a' p' t' ■*> 

( IB_Addr_outO (p t) * 
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SUBARRAY (wordnVAL ( SND ( I_ad_outO (p 4 t')))) <23, O)) 44 , 

RBWRITB_TAC [KXPAND_LET_RULK IB_PMaater / BSel] 

THEN REPEAT STRIP _TAC 
THEN ASM_REWRITE_TAC [ ] 

);; 

let IB_BS_out_ISO * prove_thm 
( 4 IB_BS_out_ISO 4 , 

* ! (pti * PTI ) (• :timeT->pt_env) (p : timeT->pt_out ) (t :timeT) 

(•' t timeC->pc_env) (p' : timeC->pc_out ) (t' :timeC) 

IB_PMaater pti e p t •' p 4 t 4 *■> 

(Xat t 4 rdyO = ®u 4 . NTH_TIMB_FALSB 0{baig I_ardy_B •')(t 4 ♦ l)u 4 in 

1st t'rdyl - ®u 4 . NTH_TIMB_FALSB ltbaig I_ardy_B •')<t 4 + l)u 4 in 

Imt t 4 rdy2 ■ »u 4 . NTH_TIME_FALSB 2 (baig I_ardy_E e 4 )(t 4 + l)u 4 in 

let t 4 rdy3 * Bu 4 . NTH_T IMB_F ALSB 3 (baig I_ardy_E a 4 )(t 4 + l)u 4 in 

(IB_BS_outO(p t ) - 

{ STABXjB_LO ( ba ig l_laat_0 p 4 )(t 4 + l,t 4 rdy0) ■> WORDN 1 0 I 
( (STABLE_HI (baig l_laat_0 p')(t 4 + l,t 4 rdyO) /\ 

STABLE_LO (baig l_laat_0 p 4 )(t 4 rdy0 + 1, t'rdyl)) ■> WORDN 1 1 I 
( (STABLE_HI (baig l_laat_0 p 4 )(t 4 + 1, t'rdyl) /\ 

STABLE_LO (baig l_laat_0 p 4 ) (t'rdyl + 1, t'rdyl)) => WORDN 1 2 l 
( (STABLE_HI (baig l_laat_0 p 4 ) ( t 4 + 1, t'rdyl) /\ 

S TAB LE_LO (baig l_laat_0 p 4 )(t 4 rdy2 + l,t'rdy3)) «*> WORDN 1 3 I 
ARBN) )))))", 

EXPAND_LB T_TAC 

THEN REWRI TB_TAC [EXPAND_LBT_RULE IB_PMaatar ; BSal J 
THEN REPEAT STRIP_TAC 
THEN ASM_RB WR I TB _ T AC [ ] 

) ;; 

cloae_theory ( ) j / 


4.3 M-Port Transaction-Level Specification 

This section contains the theories mtauxp_def, mtransp_def, and mtabs_def, defining the M-Port trans- 
action-level data structures, interpreter, and abstraction, respectively. 


V 


File: mtauxp_def.ini 

Author: (c) D.A. Fura 1993 

Date: 2 March 1993 

Thia file containa typea and definitiona for the tranaaction- level 

apecif ication of the P-Proceaa of the PIU M-Port. 

% 


sat_f lag ( 4 timing 4 , true) / ; 

0 at_eearch__path (aearch_path( ) ® [ ' /home/elvie6/dfura/f tep/piu/hol/lib/ 4 ; 

4 /home/elvia6/dfura/f tep/piu/hol/mport/ 4 ; 
4 / home / elvie 6 /dfura /hoi /Library/ toola/ 4 
] ) ;; 

ayatem 4 rm mtauxp_def . th 4 / ; 

new_theory 4 mtauxp_def 4 ; / 

map new_parent [ 4 maux_def 4 ] n 

new_type_abbr ev ( 4 1 ime 4 , * t num" ) ; ? 

new_type_abbrev ( 4 1 imeT 4 , 44 : nun* ) / j 

new_type_abbrev ( 4 wordn 4 , " : num- >bool ") n 
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naw_type_abbrev ( 'wordnn' , " j nuzn-> wordn" ) ; ; 


% 

Abstract data typa for tha M-port instruction sat 


■% 


1st MTI a 

dafine_type 'MTI' 

'MTI « MT_Writa | MT_Read | MT_Idla '/7 


% 

Abstract data typa for tha M-Port transaction opcodas . 


■% 


% P-Bus Mastar Opcodas % 
let pbmop • 

da f ine_type ' pbmop ' 

'pbmop « PBM_WriteLM | PBM_WritaPIU | PBM_WriteCB I PBM_ReadLM | 
PBM_RaadPIO | PBM_Re adCB | PBM_Illegal ' ; / 

% I -Bus Slava Opcodas % 
let lbs op m 

def ina_typa ' ibsop ' 

'ibsop * IBS_Raady } IBS_Idla j IBS„Illegal ' ; ; 

% I-Bus Arbitration-Master Opcodas % 
let ibaiDop * 

daf ina_typa ' ibamop ' 

' ibamop * IBAM_ProcP | IBAM.ProcC I IBAM_Illegal ' ; ; 

% M-Bus Mastar Opcodas % 
let mbmop * 

da f ina_t ype ' mbmop ' 

'mbmop « MBM_WritaLM | MBM_ReadLM | MBM_Idla I MBM_Il legal ' ; / 

% M-Bus Slava Opcodas % 
let mb sop ■ 

da finest ypa 'mb sop ' 

'mb sop * MBS_Ready | MBS_Illegal ' ) ; 

% Reset Mastar Opcodas % 
lat nop * 

daf ine_type ' rmop ' 

' rmop * RM_NoRasat | RM_Illagal ' ; ; 


% - - 

Abstract data typa for tha environment. 


% 


lat mt_env * 

da f ine_type ' mt_anv ' 

'mt_env * MTBnv pbmop wordn wo r dim wordn wordnn 
mb sop wordnn 
ibamop 
rmop' ; ; 

lat IB__Opcode_inE ■ new_recursive_def inition 

falsa 

mt_anv 

' IB_Opcode_inB ' 

" IB_Opcode_inB (MTBnv IB_Opcode_in IB_Addr_in IB_Data_in IB_BS_in IB_BE_in 
MB_Opcoda_in MB_Data_in IBAM_Opcode_in Rst_Opcoda_in) 

« IB_Opcoda_in* ; / 

lat IB_Addr_inB « new_re curs ive_def inition 

falsa 

mt„anv 

' IB_Addr_inE ' 

"IB_Addr_inB (MTBnv IB_Opcode_in IB_Addr_in IB_Data_in IB_BS_in IB_BB_in 

MB_Opcode_in MB__Data_in IBAM_Opcode_in Rst_Opcoda_in) 

■ IB_Addr_in"; ; 
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let IB_Data_inB = new_racursiva_daf inition 
falaa 
mt_anv 

' IB_Data_inE ' 

«IB_Data_inB (MTBnv IB_Opcoda_in IB_Addr_in IB_Data_in IB_BS_in IB_BB_in 

MB_Opcoda_in MB_Data_in IBAM_Opcods_in Rst_Opcoda_in) 

* IB„Data_in' ,f ; ; 

let IB_BS_inE * naw_racursiva_daf ini t ion 
falsa 
rat_anv 
' IB_BS_inB ' 

"IB_BS_inB (MTBnv IB_Opcoda_in IB_Addr_in IB_Data_in IB_BS_in IB_BE_in 

MB_Opcods_in MB_Data_in IBAM_Opcoda_in Rst_Opcoda_in) 

■ IB_BS_in" / ; 

lat IB_BB_inB * naw_racursiva_daf ini t ion 
falsa 
mt_anv 
' IB_BE_inB ' 

"IB_BB_inE (MTBnv IB_Opcods_in IB_Addr_in IB_Data_in IB_BS_in IB_BB_in 

MB_Opcoda_in MB_Data_in IBAM_Opcoda_in Rat_Opcoda_in) 

a IB_BB_in" / ; 

lat MB_Opcoda_inE * naw_r a cur siva_daf inition 
falsa 
mt_anv 

' MB_Opcoda_inB ' 

"MB_Opcoda_inB (MTBnv IB_Opcods_in IB_Addr_in IB_Data_in IB_BS_in IB_BR_in 
MB_Opcoda_in MB_Data_in IBAM_Opcode_in Rst_Opcoda_in) 

« MB_Opcode_in" ; / 

let MB__Data_inE » naw_racursiva_daf inition 

falsa 

mt_anv 

'MB_Data_inB ' 

"MB_Dat a_inE {MTBnv IB_Opcoda_in XB_Addr_in IB_Data_in IB_BS_in IB_BB_in 

MB_Opcoda_in MB_Data_in IBAM_Opcoda_in Rst_Opcoda_in) 

* MB_Data_in"/ ; 

lat IHAM_Opcoda_inB ■ naw_racursivs_daf inition 
falsa 
mt_anv 

' IBAM_Opcoda_inB 1 

"IBAM_Opcoda_inE (MTBnv IB__Opcoda_in IB_Addr_in IB_Data_in IB__BS_in IB_BE_in 
MB_Opcoda_ in MB_Data_in IBAM_Opcoda_in Rst_Opcods_in) 

* IBAM_Opcode_in" ; ; 

lat Rst_Opcoda_inB * naw_racursiva_daf Inition 
falsa 
mt_anv 

' Rst_Opcoda_inB ' 

"Ret_Opcoda_inB (MTBnv IB_Opcoda_in IB_Addr_in IB_Data_in IB_BS_in IB_BE_in 
MB_Opcods_in MB_Data_in IBAM_Opcoda_in Rst_Opcoda_in) 

* Rst_Opcods_in #r / ; 
lat Env_CA BBS * 

prova_casas_thm (prova_inductioa_thm wt_anv)// 

lat PTBnv_Salactors_Work * provs_thm 
( 'PTBnv_Salactors_Work' , 

* ! a : mt_anv . 

a * (MTBnv ( IB_Opcods_inB a) ( IB_Addr_inE a) (IB_Data_inB a) ( IB_BS_inB a) 
(IB_BB_inE a) (MB_Opcoda_inB a) (MB_Data_inB a) 

{ IBAM_Opcoda_inB a) (Rst_Opcode_inB a))", 

OEN_TAC 

THEN STROCT_CASBS_TAC (SPBC *amt_*nv" Bnv_CASES) 

THEN RBWRIT8_TAC [ IB_Opcoda_inB j IB_Addr_inB ; IB_Data_inB; IB_BS_inB ; 

IB_BB_in B; MB_Opcoda_inB ; MB_Data_inB; IBAM_Opcoda_inE / 
Rst_Opcoda_inE ] 

) 7; 
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% 


Abstract data typ* for tha output. 


■% 


1st mt_out = 

dafina_typa 'mt_out' 

< mt_out * MTOut rnbrnop wordnn wordnn wordn ibsop wordnn ' ; ; 

1st MB_Opcods_outO ■ naw_rs cur siva_daf initlon 

falss 

mt_out 

' KB_Opcods_outO ' 

"MB_Opcods_outO (MTOut MB_Opcods_out MB_Addr_out MB_Data_out MB_BS_out 

IB_Opcods_out IB_Data_out) 

s MB_Opcods_out " t / 

1st MB_Addr_outO = naw_racursiva_daf initlon 

falss 

mt_out 

' MB_Addr_ou t 0 1 

"MB_Addr_ou 1 0 (MTOut MB_Opcoda_out MB_Addr_out MB_Data_out MB_BS_out 

IB_Opcods_out IB_Data_out) 

* MB_Addr_out " ; ; 

1st MB_Data_outO * naw_racursiva_daf initlon 

falss 

mt_out 

'MB_Data_outO ' 

"MB_Da t a_out 0 (MTOut MB_Opcods_out MB_Addr_out MB_Data_out MB_BS_out 

IB_Opcods_out IB_Data_out) 

z MB_Dat a_out w ; / 

1st MB_BS_outO = naw_racuraiva_dsf initlon 
falss 
mt_out 
'MB_BS_outO ' 

#, MB_BS_outO (MTOut MB_Opcoda_out MB_Addr_out MB_Data_out MB_BS_out 

IB_Opcods_out IB_Data_out) 

= MB_BS_out " ; ; 

1st XB_Opcods_outO ae naw_racursiva_daf initlon 
falss 
mt_out 

' IB_Opcods_outO * 

* XB_Opcods_outO (MTOut MB_Opcods_out MB_Addr_out MB_Data_out MB_BS_out 

IB_Opcods_out IB_Data_out ) 

* IB_Opcoda_out' r ; ; 

1st IB_Data_outo ■ nsw_rscursivs_dsf inition 

falss 

mt_out 

' IB_Data_outO ' 

*IB_Data_outO (MTOut MB_Opcoda_out MB _Addr_out MB_Data_out MB_BS_out 

IB_Opcods_out IB_Data_out ) 

■ IB_Dat a_out " ; / 


1st Out_CASBS - 

provs_casss_thm (provs_induction_thm mt_out ) / / 


1st PTOut_Sslsctors_Work * provs_thm 
( ' PTOut_Sslsctors_Wor)c • , 

" ip :mt_out . 

p ■ (MTOut (MB_Opcods_outO p) (MB_Addr_outO p) (MB_Data_outO p) 
(MB_BS_outO p) ( IB_Opcoda_outO p) ( IB_Data_outO p) ) ” , 

QEN_TAC 

THEN STRUCT_CASBS_TAC (SPBC *pnnt_OUt w Out_CASKS) 

THEN RBWRITB_TAC [MB_Opcods_outO ; MB _Addr_outO; KB_Data_outO; MB_BS_outO; 
IB_Opcods_outO ; IB_Data_outO] 


) / ) 


closs_thsory ( ) / / 
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File: 


mtranap_def . ml 


Author: (c) D.A. Fura 1993 

Date: 1 March 1993 

This file contains the ml source Cor the trans -level specif ication of tha 
M-Port of tha FTBP PIU, an ASIC developed by tha Embaddad Procesfing 
Laboratory, Boeing High Tachnology Cantar. 


% 


s# t_search_path (aaarch_path{ ) 0 [ ' /home/alvis6/dfura/f tep/piu/hol/mport/ 1 ; 

' /homa/alvia6/dfura/f tap/plu/hol/lib / ‘ ; 

• /home /elvis 6 /dfura /hoi /Library /aba_theory/ ' / 

' /homa/alvia6/dfura/hol/Library/toola/ J 
])/; 

aat_f lag ( 'timing ' , trua )/ t 
ayatam 'rm mtransp_daf . th' ; ; 
new_thaory *mtransp_daf • ; ; 
loadf 'abs_thaory ' ; t 

map naw_parant [ 'mtauxp_def ' / 'array_daf * ; 'wordn_def ' ] ; ; 

lat RBP_ty * aba_typa_info (thaoram 'piuaux_def' 'REP ’ ) } j 

% 

Output definition for M-Port instructions . 


lat MT_Write_OF * naw_daf inition 
( ' MT_Wr it e_OF # , 

* ! (rap ; A REP_ty) (a :mt_anv) . 
MT_Writa_OF rap a « 

lat MB_Opcoda_out * MBM_WritaLM in 


lat 

lat 

lat 

lat 

lat 

lat 


bs * 
aO » 

a0_0 

al_0 

a2_0 

a3_0 


VAL 1 { IB__BS_inE 
IB_Addr_inK a in 


* ALTER ARBN 
- ALTER a0_0 

* ALTER al_0 

* ALTER a2_0 


( 0 ) 
( 1 ) 
( 2 ) 
( 3 > 


») in 

aO in 
(bs 
(bs 
(bs 


lat MB_Addr_out * a3_0 in 


lat dO ■ 
lat dl ■ 
lat d2 * 
lat d3 - 
lat mO ■ 
lat ml - 
lat m2 s 
lat m3 > 
lat baO 
lat bal 
lat ba2 
lat ba3 


ELEMENT 
ELEMENT 
ELEMENT 
ELEMENT 
Ham_Dac 
Ham_Dac 
Ham^Dac rap 
Bam_Lac rap 
- ELEMENT 


( IB_Data_inB 
( IB_Data_inB 
( IB_Data_inB 
( IB_Data_inB 
rap (ELEMENT 
rap (ELEMENT 
(ELEMENT 
(ELEMENT 
(IB_BB_inB < 


A 

O 

A 

(INCN 

18 

aO) 1 

ARBN) in 

> 1 ■> 

(INCN 

18 

(INCN 

18 

aO) ) 

> 2 -> 

(INCN 

18 

(INCN 

18 

(INCN 

1 

ARBN) 

in 




a) ( 0 ) 

in 





a) ( 1 ) 

in 





a) ( 2 ) 

in 





a) (3) 

in 





(MB_Data_inB 

a) 

( 0 ) ) 

in 


(MB_Data_inB 

a) 

(U) 

in 


(MB_Data_inE 

a) 

( 2 )) 

in 


(MB_Data_inE 

a) 

(3)) 

in 



ARBN) in 


ELEMENT ( IB_BB_inE a) 
ELEMENT ( IB_BB_inE a) 
ELEMENT (IB_BB_inE a) 


( 0 ) 

(1) 

( 2 ) 

(3) 


in 

in 

in 

in 


lat 

oOO 

■ 

ELEMENT 

baO 

(0) 

lat 

oOl 

S 

ELEMENT 

baO 

(1) 

lat 

o02 

z 

ELEMENT 

baO 

(2) 

lat 

o03 

m 

ELEMENT 

baO 

(3) 

lat 

olO 

M 

ELEMENT 

bal 

(0) 

lat 

oil 

Z 

ELEMENT 

bal 

(1) 

lat 

ol2 

U 

ELEMENT 

bal 

(2) 


■> 

SUBARRAY 

dO 

(7,0) 1 

= > 

SUBARRAY 

dO 

(15,8) 

*> 

SUBARRAY 

dO 

(23,16) 

*> 

SUBARRAY 

dO 

(31,24) 

*> 

SUBARRAY 

dl 

(7,0) 1 

=> 

SUBARRAY 

dl 

(15,8) 

«> 

SUBARRAY 

dl 

(23,16) 


SOBARRAY mO (7,0) in 
| SUBARRAY mO (15,8) in 
| SUBARRAY mO (23,16) in 
) SUBARRAY mO (31,24) in 
SUBARRAY ml (7,0) in 
| SUBARRAY ml (15,0) in 
| SUBARRAY ml (23,16) in 
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let 

ol3 

> 

ELEMENT bel 

(3) «> SUBARRAY 

dl 

(31/24) 

| SUBARRAY ml 

(31,24) 

in 

let 

o20 

m 

ELEMENT be2 

(0) «> SUBARRAY 

d2 

(7,0) | SUBARRAY m2 (7,0) in 


let 

o21 

m 

ELEMENT be2 

(1) -> SUBARRAY 

d2 

(15,8) 1 

SUBARRAY m2 

(15,8) in 

let 

o22 

m 

ELEMENT be2 

(2) *> SUBARRAY 

d2 

(23,16) 

I SUBARRAY m2 

(23,16) 

in 

let 

o23 

X 

ELEMENT be2 

(3) «> SUBARRAY 

d2 

(31,24) 

I SUBARRAY m2 

(31,24) 

in 

let 

o30 

s 

ELEMENT be3 

(0) *> SUBARRAY 

d3 

(7,0) | SUBARRAY m3 (7,0) in 


let 

o31 

B 

ELEMENT be 3 

(1) «> SUBARRAY 

d3 

(15,8) | 

SUBARRAY m3 

(15,8) in 

let 

o32 

X 

ELEMENT be 3 

(2) -> SUBARRAY 

d3 

(23,16) 

| SUBARRAY m3 

(23,16) 

in 

let 

o33 

s 

ELEMENT be 3 

(3) x> SUBARRAY 

d3 

(31,24) 

1 SUBARRAY m3 

(31,24) 

in 

let 

dOO 


MALTBR 

ARBN 

(7,0) oOO in 



-- 



let 

dOl 


MALTER 

dOO 

(15,8) oOl in 






let 

d02 


MALTBR 

dOl 

(23,16) o02 in 






let 

d03 


MALTBR 

dO 2 

(31,24) o03 in 






let 

dlO 


MALTER 

ARBN 

(7,0) olO in 






let 

dll 


MALTBR 

dlO 

(15,8) oil in 






let 

dl2 


MALTBR 

dll 

(23,16) ol2 in 






let 

d!3 


MALTER 

dl2 

(31,24) ol3 in 






let 

d20 


MALTBR 

ARBN 

(7,0) o20 in 






let 

d2 1 


MALTER 

d20 

(15,8) o21 in 






let 

d22 


MALTBR 

d21 

(23,16) o22 in 






let 

d23 

X 

MALTBR 

d 22 

(31,24) o23 in 






let 

d30 


MALTBR 

ARBN 

(7,0) o30 in 






let 

d31 


MALTBR 

d30 

(15,8) o31 in 






let 

d32 


MALTBR 

d31 

(23,16) o32 in 






let 

d33 


MALTBR 

d32 

(31,24) o33 in 






let 

oO.O 

i : 

« ALTER 

ARBN 

(0) ( Ham.Knc rep d03) in 




let 

ol.O 

1 i 

* ALTER 

oO.O 

(1) (be > 0 ■> 

(Ham_Bnc rep 

dl3 ) j ARBN) 

in 


let 

o2_0 

1 i 

- ALTER 

ol.O 

(2) (b» > 1 «> 

(Ham.Enc rep 

d23) | ARBN) 

in 


let 

o3.C 

I i 

( ALTER 

o2_0 

(3) (ba > 2 «> 

(Ham.Bnc rep 

d33 ) 1 ARBN) 

in 



let MB.Dat a.out « o3_0 in 
let MB.BS.out « IB_BS_inB • in 

let IB_Opcode_out « IBS.Ready in 
let IB.Dat a.out * ARBN in 


)U 


(MTOut MB.Opcode.out MB.Addx.out MB.Dat a.out MB.BS.out IB.Opcode.out 
IB.Dat a.out ) " 


let MT.Read^OF « new_.de f ini t ion 
( 'MT_Read_OF' , 

" ! (rep t A REP_ty) (e jmt_env) . 

MT_Read_OF rep e * 

let MB.Opcode.out - MBM_ReadLM in 
let be * VAL 1 (XB_.BS.inB e) in 
let aO * IB_Addr_inB e in 


let 

a0_0 

- ALTER 

ARBN 

(0) 

aO 

in 







let 

al.O 

« ALTER 

a0_0 

(1) 

(ba 

> 

0 

a> { XNCN 

18 

aO) 1 

ARBN) in 


let 

a2_0 

a ALTER 

al.O 

(2) 

(ba 

> 

1 

-> (INCN 

18 

(INCN 

18 aO)) | 

ARBN) in 

let 

a3_0 

a ALTER 

a2_0 

(3) 

(ba 

> 

2 

«> (INCN 
1 ARBN) 

18 

in 

(INCN 

16 (INCN 

18 aO))) 


let MB_ Addr _ou t ■ a3_0 in 
let MB.Data.out - ARBN in 
let MB.BS.out - IB.BS.inE e in 
let IB_Opcode_out « IBS .Ready in 


let 

dO 

X 

Ham_Dec 

rep 

(ELEMENT 

( MB.Dat a.inE 

• ) 

(0)) 

in 

let 

dl 

X 

Ham_Dec 

rep 

(ELEMENT 

( MB.Dat a.inB 

e) 

(D) 

in 

let 

d2 

X 

Ham.Dec 

rep 

(ELEMENT 

(MB.Dat a.inE 

• ) 

(2)) 

in 

let 

d3 

a 

Ham.Dec 

rep 

(ELEMENT 

(MB.Dat a.inE 

e) 

(3)) 

in 


let d0_0 * ALTER ARBN (0) dO in 

let dl.O a ALTER dO.O (1) (be > 0 » dl | ARBN) in 
let d2_0 « ALTER dl_0 (2) (be > 1 » d2 I ARBN) in 
let d3_0 - ALTER d2_0 (3) (be > 2 ■> d3 I ARBN) in 
let IB.Data.out ■ d3_0 in 




(MTOut MB.Opcode.out MB. Addr. out MB.Data.out MB.BS.out IB.Opcode.out 
IB.Data.out ) m 


let MT.Idle.OF * new.de f ini t ion 
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( 'MT_Idla_OF * , 

"1 (rap t A RBP_ty) (• smt_anv) 
MT_Idla_OP rap a * 

lat MB_Opcoda_out * MBM_Idla in 
lat MB_Addr_out ■ ARBN in 
lat KB_Data_out - ARBN in 
lat MB_BS_out * IB_BS_inB a in 
lat IB_Opcoda_out ■ IBS_Idla in 
lat IB_Data_out * ARBN in 


(MTOut MB_Opcoda_out KB_Addr_out MB_Data_out MB_BS_out IB_Opeoda_out 
IB_Data_out ) " 


) ;; 


% 

M-Port intarpratar dafinition. 


% 


lat MT_Exac - naw_daf inition 


( 'MT_Bxac * , 

u * (mti iMTI) (a stimaT->mt_anv) (p : timaT->mt_out } (t stimaT) 
MT_Exac mti a p t = 

(MB_Opcoda_inE (at) * MBS_Raady) / \ 

( IBAM_Opcoda_inB (at) ■ IBAM_ProcP) /\ 


( (mti 
(mti 
% (mti 


MT_Writa) *> 
MT_Raad) *> 
MT_Idla) % I 


( IB_Opcoda_inB (a t) 

( IB_Opcoda_inE (a t ) 

( ( IB_Opcoda_inB (a t) 
( IB_Opcoda_inB (a t) 
( IB_Opcoda_inE (a t ) 
( IB_Opcoda_inE (a t) 


* PBM_WritaLM) | 
- PBH_RaadLM) 

- PBM_WritaPIU) 
« PBM_RaadP IU ) 

• PBM_Wr itaCB ) 

* PBM_RaadCB) ) ) 


\/ 

\/ 

\/ 




lat MT_PraC « naw_prim_rac_daf inition 
( 'MT_PraC ' , 

* (MT_PraC (mtiiMTI) a p 0 * T) /\ 

(MT_PraC mti a p (SUC t) * 

(MT_Bxac MT_Writa a p t /\ MT_PraC MT_Writa apt) \/ 
(HT_Bxac MT_Raad a p t /\ MT_PraC MT_Raad apt) \/ 
(HT_Bxac MT_Idla a p t /\ MT_PraC MT_Idla a p t))" 


) ; ; 


lat MT_PoatC = naw_daf inition 
( 'MT__PoatC * t 

* j (rap * A RBP_ty) (mti iMTI) (a * timaT->mt_anv) 

(p :timaT->mt_out ) (t JtimaT) . 

MT_Po«tC rap mti a p t « 

(mti * MT_Writa) *> (p t ■ MT_Writa_OF rap (at)) I 
(mti * MT_Raad) *> (p t * KT_Raad_OF rap (at)) 

% (mti ■ MT_Idla) % I (p t - MT_Idla_OF rap (a t ) ) * 

) ; ; 


lat MT_Corract ■ naw_daf inition 
( 'MT_Corract ' , 

M ! (rap * A REP_ty) (mti iMTI) (a s timaT->mt_anv) 
(p rtimaT->mt_out) (t stimaT) . 

MT_Corract rap mti a p t * 

MT_Bxac mti a p t /\ 

MT_PraC mti a p t 
**> 

MT_PoatC rap mti a p t* 


lat MTSat_Corract * naw_daf inition 
( 'MTSat_Corract ' , 

"I (rap i A REP_ty) (a t timaT->mt_anv) (p : t imaT- >mt_out ) . 

MTSat_Corract rap a p * ! (mti :MTI) (t stimaT) . MT_Corract rap mti apt* 

);; 

cloaa_tbaory ( ) ; / 


% 


221 



Fila: 


mtabs_daf .ml 


Author t (c) D . A. Pura 1993 

Data: 27 January 1993 




sat aaarch path f saarch path ( ) 9 [ ' /homa/alvis6/dfura/f tap/piu/hol/nport / ' j 

' /homa/alvis6/dfura/ftap/piu/hol/pport /pproc/ ' / 
' /homa/alvis6/dfura/f tap/piu/hol/lib/ ' / 

' / homa /a lvis 6 /dfura/hol /Library /tools/ ' ; 

' /homa /a lvls 6 /dfura/hol /ml/ ' 

]);; 


sat_flag ( 'timing ' , trua) / ; 
systam 'rm mtab*_dif .th'; j 
naw_thaory 'mtabs_da£ ' ; / 

map naw_parant [ 'piuaur_daf ' ; 'mtaux_daf ' ; 'maux_daf ' / 'array_daf ' ; ' wordn_da f ' ; 

'busn_daf ' / ' tamp log lc_daf ' / / mtrans_daf ' j 'mclock_daf ' ] / j 

naw_typa_abbrav ( ' t ima * , H i num" ) / ; 
naw_typa_abbrav ( ' t imaT * ," \ num" ) > / 
naw_typa_abbrav ( ' t ImaC * \ num* ) > / 

lat ala_sig_ib « naw_daf lnltlon 
( ' ala_a ig_ib ' , 

" 1 (a' s t imaC - >mc_anv ) 

ala_aig_ib a' « 

\u't timaC. BSal ( i_hlda_B (a' u')) /\ ( -BSal ( I_mala_B (a' u')) \/ 

-BSal (I__rala_B (•' u')) \/ 
-BSal (I_cala_B (a' u'))) w 

)/; 

lat rdy_sig_ib * naw_daf ini t ion 
( 'rdy_»lg_ib # , 

"\ (a' : t imaC - >mc_anv ) (p' i timaC->mc_out ) 

rdy_sig_lb a' p' ■ 

\u' : timaC. (BSal (l_srdy_0 (p' u')) « LO) /\ BSal ( I_last_B {a' u'))" 

);; 

lat ack_aig_ib » naw_daf ini t ion 
( 'ack_sig_ib' , 

“ ! (a' :timaC->mc_anv) (p' : t imaC - >mc_out ) . 
ack_sig_ib a' p' ■ 

\u ' j timaC . (BSal (l_srdy_0 (p' u')) * LO) /\ -BSal (I_laat_B (a' u')>" 

)/; 

lat IB_Slava c naw_daf inition 
( ' IB_Slava ' , 

"IB_Slava (mti tMTI) 

(a i timaT->mt_anv) (p : timaT->mt_out ) (t stimaT) 

(a # 1 1 ImaC — >mc anv ) (p 1 * timaC ->mc_out ) (ti' : timaC) * 

lat writa - (BLBMBNT (BSal (I_ad_inB (a' ti'))) (27)) In 

lat raad ■ (-writa) in 

lat Imam * (BSal ( I_mala_B (a' ti')) - F) in 
lat piu - (BSal(I_rala_B (a' ti')) « F) in 
lat cbus * (BSal (I_cala_B (a' ti')) ■ F) in 
lat valid_rqt - % p-port control signals valid % 

(Imam ■■> (-piu /\ -cbus) / \ 
piu *«> -cbus / \ 

( ?u' i timaC. 

STABLB_TRUB_THKN_FALSB (bsig I_last_B a') (ti',u'))) in 

lat valid_ack ■ % m-port control signals valid % 

(?u't timaC. STABLB_HI_THBN_LO (bsig l_srdy_0 p') (ti',u # ) /\ 

!u ' : timaC . 

rdy_sig_ib a' p' u' «*> 
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(?v':timaC. STABLB_HI_THBN_LO (bsig I_srdy_Op') (u'+l,v'))) in 
% •nd-of -act iva- transact ion t ima % 

Imt t'acJc * Bu ' 1 1 imaC . STABL2_FALSR_THBN_TRUB (ack_aig_ib a' p') (ti',u') 

in 

% a lava-raady 0, 1,2,3 timas % 

lat t'rdyO * ®u'» timaC. NTH_TIME_LO 0 (baig l_ardy_0 p') ti' u' in 

lat t ' rdy 1 * Bu'itimaC. NTH_TIMB_LO 1 (bsig I_srdy_0 p') ti' u' in 

lat t * rdy2 * Bu':timaC. NTH_TIMB_LO 2 (bsig l_srdy_0 p') ti' u' in 

lat t ' rdy 3 = Bu':timaC. NTH_TIMB_LO 3 (b*ig l_srdy_0 p') ti' u' in 

% data-valid pradicataa for writa-data words 0,1,2, 3 % 
lat dvO » (t'rdyO <* t'acJc /\ 

STABLB_AB (aig I_ad_inB a') { t i ' +1 , t ' rdyO) ) in 

lat dvl = (t'rdyl <* t'acJc /\ 

STABLB_AB ( a ig I_ad_inB a ' ) { t ' rdy 0 +1 , t ' rdyl ) ) in 

lat dv2 * (t'rdy2 <* t'acJc /\ 

STABLB_AB ( a ig I_ad_inH a ' ) ( t ' rdyl+1 , t ' rdy2 ) ) in 

lat dv3 * (t'rdy3 <* t'acJc /\ 

STABLB_AB (aig I_ad_inB a') (t 'rdy2+l, t 'rdy3 ) ) in 
% writa-data words 0,1, 2, 3 % 

lat dO * (dvO *> BSal (I_ad_inJ5 (a' t'rdyO)) I ARBN) in 

lat dl * (dvl »> BSal (I_ad_inB (a' t'rdyl)) I ARBN) in 

lat d2 * (dv2 *> BSal ( I_ad_inK (a' t'rdy2)) I ARBN) in 

lat d3 ■ (dv3 «> BSal ( I_ad_inB (a' t'rdy3)) I ARBN) in 

% byta-anabla-valid pradicataa for byta anablaa 1,2,3 % 
lat bvl a (t'rdyO <* t'acJc /\ 

STABLE_AB (aig I_ba_B a') ( ti ' +1, t ' rdyO ) ) in 

lat bv2 * (t'rdyl <* t'acJc /\ 

STABLB.AB (aig I_ba_B a') (t ' rdyO+1, t 'rdyl) ) in 
lat bv3 * (t'rdyl <* t'acJc /\ 

STABLB_AB ( a ig I_ba_B a ' ) ( t ' rdyl+1 , t ' rdy2 ) ) in 
% byta anablaa 0,1, 2, 3 % 

lat bO a NOTN 3 (BSal(I_ba_B (a' ti'))) in 

lat bl = (bvl *> NOTN 3 (BSal(I_ba_B (a' t'rdyO))) I ARBN) in 

lat b2 » (bv2 => NOTN 3 (BSal(I_ba_B (a' t'rdyl))) I ARBN) in 

lat b3 « (bv3 a> NOTN 3 (BSal(I_ba_E (a' t'rdyl))) I ARBN) in 

% data-valid pradicataa for raad-data words 0,1, 2, 3 % 

lat avO a (t'rdyO <* t'acJc) in 

lat avl a (t'rdyl <* t'acJc) in 

lat av2 a (t'rdyl <* t'acJc) in 

lat av3 a ( t ' rdy 3 <■ t'acJc) in 

% raad-data words 0, 1,2,3 % 

lat aO a (avO «> wordnVAL (BSal ( I_ad_outO (p' t'rdyO))) I ARBN) in 

lat al » (avl »> wordnVAL (BSal ( I_ad_outO <p' t'rdyl))) I ARBN) in 

lat a2 ■ (av2 a> wordnVAL (BSal (I_ad_outO (p' t'rdyl))) I ARBN) in 

lat a3 * (av3 a> wordnVAL (BSal <I_ad_outO (p' t'rdy3))) I ARBN) in 

( ( IB_Opcoda_outO (p t) * 

(Imam /\ 
valid_ac)c /\ 

(valid_rqt **> 

( ? t ' ac)c : t imaC . STABLB_TRUB_THBN_F ALSB 

(ac)c_aig_ib a' p') (ti' , t 'ack) } ) /\ 

STABLB_AB_OFF (aig I_srdy_0 p') (ti',ti # ) /\ 

STABLB_AB_OFFn ( a ig I_ad_outO p') ( t i 9 , t i ' ) A 

(writa **> 

< lu' : timaC. 
ti' < u' * ■ > 

STABLB_FALSB (ala_aig_ib a') (ti'+l,u') «■> 

STABLB_AB_OFFn (aig I_ad_outOp') (ti'+l,u'))) A 
( iu' i timaC . 

t'acJc < u' **> 

S TAB LB_F ALSB (ala_sig_ib a') ( t ' ac)c+l, u ' ) aa> 

( STABLB_AB_OFF (aig I_ardy_Op') (t 'acJc+l,u' ) /\ 
STABLB_AB_OFFn ( a ig I_ad_outO p ' ) ( t ' acJc+l , u ' ) ) ) ) 

* > IBS_Raady I 
(-Imam /\ 

STABLB_AB_OFF (aig l_srdy_0 p') (ti',ti'J A 
STABLB_AB_OFFn ( a ig I_ad_outO p') ( t i ' , t i ' ) /\ 

( !u' t timaC . 
ti' < u' **> 

STABLB_FALSE (ala_sig_ib a') (ti'+l,u') =«> 

(STABLB_AB_OFF (aig l_srdy_0 p') (ti'+l,u') /\ 
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STABLB_AB_OFFn (sig I_ad_outO p') ( ti ' + l,u' ) ) ) ) 

«> IBS_Idla | IBS_Illagal) /\ 

(IB_Data_outO (p t) ■ 

ALTER (ALTER (ALTER (ALTER ARBN (0) «0) (1) al) (2) «2 ) (3) a3 ) /\ 

( IB_Opcoda_inE (at) * 

( (valid_ack -*> valid_rqt) /\ Imam /\ writa) «> PBMLWritaLM I 
( (valid_ack ««> valid_rqt) /\ Imam /\ raad) «> PBM_RaadLM | 

(piu /\ writa) *> PBM_WritaPIU | 

(piu A raad) «> PBK_RaadPIU I 
(cbus A writa) *> PBM_WritaCB | 

(cbua /\ raad) ■> PBM_RaadCB I PBM_Illagal) /\ 

( IB_Addr_inB (a t) * SUBARRAY (BSal (I_ad_inE (a' ti'))) (23,0)) A 

(IB_Data_inB (at) - 

ALTER (ALTER (ALTER (ALTER ARBN (0) dO) (1) dl) (2) d2 ) (3) d3 ) A 

( IB_BS_inE (a t) * SUBARRAY (BSal ( I_ad_inE (a' ti'))) (25,24)) A 

(IB_BK_inB (at) « 

ALTER (ALTER (ALTER (ALTER ARBN (0) bO) (1) bl) (2) b2 ) (3) b3 ) ) " 

)77 

lat IBA_PMSlava = naw_daf inition 
( ' IBA_PMS 1 a va ' , 

" IBA_PMSlava (mti iMTI) 

(a : timaT->mt_anv) (p : timaT->mt_out ) (t rtimaT) 

(a' t timaC ->mc_anv) (p' 1 1 ima C - >mc_out ) (ti' t timaC) * 
lat t'ack = Bu ' : timaC . STABLE_FALSB_THBN_TRUB (ack_sig_ib a' p') <ti',U') 

in 

( IBAPM_Opcoda_inE (at) ■ 

( STABLE_AB_TRUE ( a ig I_hlda_E a ' ) ( t i ' , t ' ack ) ) 

«> IBAPM_ProcP | IBAPM_Illagal ) " 

) 7 7 

lat cs_sig__mb * naw__daf inition 
( ' cs_sig_mb ' , 

H \ (p' s t imaC - >mc_out ) . 

cs_sig_mb p ' * 

\u' : timaC . -ASal (MB_cs_asprom _0 (p' u' ) ) \/ -ASal (MB_cs_sram_0 (p' u'))" 

) 7 7 

lat MB_Mastar ■ naw_daf inition 
( 'MB_Mastar ' , 

"MB.Maatar (mti iMTI) 

(a ttimaT->mt_anv) (p i timaT->mt_aut ) (t itimaT) 

(a' * timaC- >mc_anv) (p' * timaC ->mc_out ) (ti' i timaC) * 

% data-writa timaa % 


lat 

t 'w0 

■ 

Bu ' 1 1 ima C . 

NTH_T mB_CHANGES_F ALSE 

0 

(bsig 

MB_wa_0 

P') 

ti' 

u' in 

lat 

t 'wl 

■ 

Bu ' * t imaC . 

NTH_T IMB_CHANGBS_F ALSE 

1 

(bsig 

MB_wa_0 

P') 

ti' 

u' in 

lat 

t 'w2 

■ 

Bu ' : t imaC . 

NTH_T IME_CHANOE S_F ALSE 

2 

(bsig 

MB_wa_0 

P' ) 

ti' 

u' in 

lat 

t'w3 

■ 

Bn ' * t imaC . 

NTH_TIHB_CHANGBS_FALSE 

3 

(bsig 

MB_wa_Q 

P' ) 

ti' 

u' in 

% data-raad timas % 
lat t'rO - Bu'i timaC. 

NTH_T IME_CHANOBS_FALSB 

0 

(bsig 

MB_oa__0 

P'> 

ti' 

u' in 

lat 

t ' rl 

. 

Bu' * timaC. 

NTH_TIMB_CHANGES_FALSB 

1 

(bsig 

MB_oa_0 

P' ) 

ti' 

u' in 

lat 

t 'r2 

m 

Bu ' 1 1 imaC . 

NTH_TIMB_CHANOHS_FALSB 

2 

(bsig 

MB_oa_0 

PM 

ti' 

u' in 

lat 

t 'r3 

■ 

Bu' i timaC. 

NTH_T ZHB_CHANGES_FALSB 

3 

(bsig 

MB_oa_Q 

PM 

ti' 

u' in 

lat 

•ran 

■ 

-BSal (MB_cs_sram i _0 (p' (ti'+l))) in 







lat aaprom* -BSal (MB_ca_aaprom_0 (p' (ti'+l))) in 

% addraaa -valid pradicata for all addraas words % 
lat valid_addr * 

( ( a ram **> 

( !u ' . ( CHANGE S__FALSE (baig MB_wa_0 p') u' \/ 

CHANGE S_F ALSE (baig MB_oa_0 p') u') 

-«> STABLB_AB (aig MB_addrO p' ) (u',u'+l))) A 

(aaprom ■■> 

Mu'. (CHANGES_FALSB (baig MB_wa_0 p') u' \/ 

CHANGES_FAL5E (baig MB_oa_0 p') u') 

-■> STABLE_AB (aig MB_addrO p') (u',u'+2))) /\ 

( !u ' v' n. ( S TAB LE_F ALSE (ala_sig_ib a') (ti'+l, u') /\ 

S TAB LB_F ALSE (ala_aig_ib a') (ti'+l, v') A 

NTH_TXME_CHANGBS_FALSE n (baig MB_oa_0 p') ti' u' /\ 
NTH_TIMB_C HANGS S_FALSB n (baig MB_wa_0 p' ) ti' v' ) 

■■> (BSal (HB_addrO (p' u')) - BSal (MB_addrO (p' v' ) ) ) ) ) in 
% data-valid pradicata for all data words % 
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lat valid_data = 

( (tram **> 

((IU*. (CHANQBS_FALSE (blig MB_wi_0 p') u' 

=*> STABLB_AB (aig MB_data_outO p') (u'^'+l)))) /\ 

( ! u ' . (-ASal(MB_oa_0 <p # u')) \/ -BSal (MB_oa_0 (p' u')>) 

»=> STABLE_AB_OFFn (aig MB_data_outO p') <u',u'))) A 

(••prom =*> 

({tu'. { CHANGBS_FALSB (baig MB_wa_0 p') u # 

=*> STABLB_AB (aig MB_data_outO p') (u',u'+2)))) /\ 

Mu'. ( -ASal (MB_oa_0 (p' u')) \/ -BSal (MB_oa_0 (p' u'))) 

=*> STABLE_AB_OFFn (aig MB_data_outO p') (u' ,uA ) ) ) in 

% add r«aa worda 0,1, 2,3 % 

l*t aO * U?u'. (STABLB_FALSB (ala_aig_ib •' ) (ti'+l,u') /\ 

(NTH_TIME_C RANGE S_FALSB 0 (baig MB_wa_0 p') ti' U'))) 

*> BS*1 (MB_addrO (p' t'wO)) I 
(?u'. ( STABLE_FALSB (ala_aig_ib • ') (ti'+l,u') A 

( NTH_TIME_CHANOBS_FALSB 0 (baig MB_oa_0 p') ti' u'))) 

*> BSal (HB_addrO (p' t'rO)) I ARBN) in 
lat al « ((?u'. (STABLB_FALSB (al*_aig_ib a') (ti'+l,u') /\ 

(NTH_TXMK_CHANOBS_FXLSB 1 (baig MB_wa_0 p') ti' u'))) 

*> BSal (MB__addrO (p' t'wl)) I 
(?u'. (STABLB_FALSB (ala_aig_ib • ') (ti'+l,u') /\ 

( NTH_TIMB_CHANGBS_FALSE 1 (baig MB_oa_0 p' ) ti' u'))) 

*> BSal (HB_addrO (p' t'rl)) I ARBN) in 
lat a2 « ((?u'. (STABLE_FALSE (ala_aig_ib • ') (ti'+l,u'J /\ 

(NTH_TIME_CHANOBS_FALSB 2 (baig MB_wa_0 p') ti' u'))) 

■> BSal (NB_addrO (p' t'w2)) I 
(?u'. (STABLB_FALSB ( ala_aig_ib a ' ) (ti'+l,u') /\ 

( NTH_TIMK_CHANGKS_FALSB 2 (baig HB_oa_0 p') ti' U'))) 

-> BSal (MB_addrO (p' t'r2)) I ARBN) in 
let a3 - (<?u'. (STABLB_FALSB (ala_aig_ib •') (ti'+l,u') /\ 

( NTH_TIMB_CHANGBS_F ALSB 3 (baig MB_wa_0 p') ti' U'))) 

«> BSal (MB_addrO (p' t'w3)) I 
(?u'. ( STAB LE_F ALSB (ala_aig_ib •') (ti'+l,u') /\ 

(NTH_TIMB_CHANGBS_FALSB 3 (baig MB_oa_0 p') ti' u'))) 

«> BSal (MB_addrO (p' t ' r3 ) ) I ARBN) in 
% writa-data worda 0, 1,2,3 % 

let dwO * <(?u'. ( STABLB_FALSB (ala_aig_ib •') (ti'+l,u') /\ 

( NTH_TIHB_CHANGBS_FALSB 0 (baig MB_wa_0 p') ti' u'))) 

*> wordnVAL {BSal (MB_data_outO (p' t'wO))) I ARBN) in 
let dwl = ((?u'. ( STABLB_FALSB (ala_aig_ib •') (ti'+l,u') /\ 

( NTH_TIMB_CHANOKS_FALSK 1 (baig HB_wa_0 p') ti' U'))) 

*> wordnVAL (BSal (MB_data_outO (p' t'wl))) l ARBN) in 
lat dw2 « ((?u'. (STABLB_FALSB (ala_aig_ib •') (ti'+l,u') /\ 

(NTH_TIMB_CHANOBS_FALSB 2 (baig MB_wa_0 p') ti' U'))) 

»> wordnVAL (BSal (MB_data_ontO (p' t'w2))) 1 ARBN) in 

let dw3 * ((?u'. (STABLB_FALSB (ala_aig_ib •') (ti'+l,u') /\ 

( NTH_TIMK_CHANOKS_FALSK 3 (baig MB_wa_0 p' ) ti' u'))) 

>> wordnVAL (BSal (MB_data_outO (p' t'w3))) I ARBN) in 
% raad-data worda 0 , 1 , 2 , 3 % 

let drO * ((?u'. ( STABLB_FALSB (ala_eig_ib •' ) (ti'+l,u') /\ 

(NTH_TIME_CHANGBS_FALSB 0 (baig MB_oa_0 p') ti' u'))) 
m> (aram ■> BSal <MB_data_in B (•' (t'rO+1))) 

I BS«1 (HB__data_inB (•' (t'rO+2)))) I ARBN) in 

lat drl « ((?u'. ( STABLB_FALSB (ala_aig_ib •') (ti'+l,u') /\ 

( NTH_TIME_CHANGBS__FALSB 1 (baig MB_oa_0 p' ) ti' u'))) 

«> (aram «> BSal (MB_data_inE (•' (t'rl+1))) 

| BSal (MB_data_inB (•' (t'rl+2)))) I ARBN) in 

lat dr2 = <(?u'. ( STABLB_FALSB (al»_aig_ib •') (ti'+l,u') /\ 

{ NTH_TIHB_CHANOKS_FALSE 2 (baig MB_O«_0 p') ti' u'))) 

«> (aram -> BS*1 (MB_data_inB (•' (t'r2+l))) 

I BSal (MB_data_inB (•' (t'r2+2)))) I ARBN) in 
lat dr 3 = ((?u'. ( STABLE_FALSB (ala_aig_ib •') (ti'+l,u') /\ 

( NTH_TXMB_CHANOBS_FALSB 3 (baig MB_oa_0 p' ) ti' u'))) 

«> (aram » BSal (MB_data_inB (•' (t'r3+l))) 

| BSal (KB_data_inB (•' (t'r3+2)))) I ARBN) in 

( (MB_Opcoda_outO (p t) ■ 

( ( (valid_addr) /\ 

(valid_data) /\ 

(?u'. -BSal (MB_wa_0 (p' u')) /\ 

STAB LK_F ALSU (ala_aig_ib •') (ti'+l,U'))) «> MBM_WritaLM I 
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( (valid_addr) /\ 

(valid_data) /\ 

(?u'. -BSsl (MB_os_0 (p' u')) /\ 

STABLB_FALSE (als_siff_ib s') (ti'+l,U'))) *> MBM_RsadLM | 

(!u'. STABLE_FALSB (als_siff_ib s ' ) <ti'+l,U') 

= =*> (STABLE_AB_TRUB (siff MB_cs_sspronuO p' ) (ti ' + l,u' > /\ 
STABLB_AB_TRUB («±ff MB_cs_sram_0 p') (ti'+l,u f ) /\ 
STABLE_AB_TRUB (lifl MB.Wl.O p') (ti'+l,U') /\ 

STABLB_AB_TRUE (lig MB.oi.O p') <ti'*l,U'))) =>MBM_Idls 

I MBM_Ill«ffal) ) /\ 

(MB__Addr_outO (p t) * 

ALTER (ALTER (ALTER (ALTER ARBN (0) aO ) (1) al) (2) a2) (3) a3 ) /\ 

(MB_Data_outO (p t) * 

ALTER (ALTER (ALTER (ALTER ARBN (0) dwO) (1) dwl) (2) dw2 ) (3) dw3 ) /\ 
(MB_BS_outO (p t) - 

(!u'. STABLE_FALSB (als_aiff_ib s ' ) (ti'+l,u') 

*=» (LESS_THAN_N_TIMES_CHANOBS_FALSB 1 (bsiff MB_WS_0 p') ti' U' /\ 
LESS_THAN_N_TIMES_CHANQBS_FALSB 1 (bsiff MB_OS_0 p') ti' u')) 


=> WORDN 0 | 

( Ju ' . STABLE_FALSB (als_siff_ib a ' ) (ti'+l,u') 

«> ( LESS_THAN_N_TIMBS_CHANOKS_FALSS 2 

LBSS_THAN_N_TIMKS__CHANOBS_FALSB 2 
*> WORDN 1 I 

(lu'. STABLB_FALSB (ala_siff_ib a ' ) <ti'+l,u') 

«*> { LESS_THAN_N_TIMES_CHANOBS_FALSE 3 
LBSS_THAN_N_TIMES_CHANQBS_FALSE 3 
«> WORDN 2 I 

( !u ' . STABLB_FALSK (ala_siff_ib • ' ) (ti'+l,u') 

.«> ( LESS_THAN_N_TIMES_CHANOBS_FALSB 4 

LESS_THAN_N_TIMBS_CHANQBS_FALSR 4 
» WORDN 3 I ARB) /\ 


(bsiff 

(bsiff 


(bsiff 

(bsiff 


(bsiff 

(bsiff 


KB_wa_0 p') 
MB__oa_0 p ' ) 


MB_wa_0 p ' ) 
MB_oa_0 p ' ) 


MB_wa_0 p') 
MB_os_0 p') 


ti' 

ti' 


ti' 

ti' 


ti' 

ti' 


u' /\ 
u') ) 


u' /\ 
u')) 


u' A 
u'>) 


(MB_Opcoda_inB (• t) m MBS_Raady) /\ 

(MB_Data_inB (• t) « 

ALTER (ALTER (ALTER (ALTER ARBN (0) drO) (1) drl) (2) dr 2) (3) dr 3 ) ) " 


1st Rst_Slav# * naw_daf inition 
( 'Rst_Slava ' , 

"Rat_Slavs (mti iMTI) (s t t imaT->mt_anv) (t ttimsT) (s' t timsC ->mc_anv) * 
Rat_Opcods_inB (s t) * 

(lu'JtimsC, BSsl (RstE (s' u')) - F) *> RM_NoRasat | RM_Illaffal" 

);; 

1st MStatsAbs ■ nsw__dsf ini t ion 
( 'MStataAbs' , 

"MStataAbs (mti :MTI) (s : timaT->mt_stata) (s : timsT->mt_anv) 

(p : timaT->mt_out) (t ttimsT) (s' t timaC->mc_stats) 

(s' t timsC->mc_snv) (p' * timsC->mc_out ) (ti' ttimsC) ■ 

% (t' - 0) % 

(M_f *m_*tatsS (s' 0) ■ MI) /\ 

( ( ti ' > 0 ) **> 

(M_f sm_statsS (s' ti') ■ MT_f snustatsS (s t) ) > A 
( 1 ti ' sue : timsC . 

NTH_TIME_TRUE (SOC t) (als_siff_ib s') 0 ti'suc — > 

( MT_£ sm_s t at m3 (s (t+1)) * M_fsm_*tataS (s' ti'suc)))* 

);; 

1st MTAbs = ns w_daf inition 
( 'MTAbs' , 

"MTAbs (mti tMTI) (s : timaT->mt_atats) (s i t imsT->mt_snv) 

(p r timsT->mt_out ) (t ttimsT) (s' i timsC ->mc_s tats) 

(s' i timsC ->mc_snv) (p ' * timsC- >mc_out) * 

MT_Bxsc mti s s p t 

=a > 

(? (ti' ttimsC). 

NTH_TIMB_TRUB t (als_siff_ib s') 0 ti' /\ 

IB_Slavs mti s p t s' p' ti' /\ 
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IBA_PMSlava mti apt a' p' ti' /\ 

MB_Mastar mti # p t •' p' ti' /\ 

Rst_Slave mti • t a' /\ 

MStateAbs mti s apt s' a' p' ti'}" 

) ; ; 

lat MTAbeSet ■ naw_daf init ion 
( 'MTAbsSat ' , 

"MTAbsSat (s : timaT->mt_stata) (a : timaT->mt_anv) (p : timaT->mt_out ) 

(s' i timaC->mc_stata) (a' : timeC->mc_anv} (p' : timaC->mc_out ) = 

! (mti: MTI) (trtimaT) . MTAbs mti s apt s' a' p'" 

);; 

closa_thaory( ) / j 


4.4 C-Port Transaction-Level Specification 

This section contains the theories ciauxpjdef and ctransp_def, defining the C-Port transaction-level data 
structures and interpreter, respectively. 


% 


Fila: ctauxp_daf .ml 

Author: (c) D.A. Fura 1992-93 

Data: 1 March 1993 

This fila contains typas and dafinitions for tha t ran a act ion- 1 aval 
spacif ication of tha P-Procass of tha PIU C-Port. 

% 


sat_f lag ('timing', trua) j / 

sat saarch path (saarch path() ® [ ' /home/elvisfi/dfura/f tap/piu/hol/lib/ ' ; 

' /homa/alvis6/dfura/f tap/piu/hol/cport / ' ? 
' /homa/elvis6/dfura/hol/Library/tools/ ' 

] )n 


systam 'rm ctauxp_daf . th ' / ; 

naw_t haory ' ct auxp_da f ' ; ; 

naw_typa_abbrav ( ' t ima ' , * t num" ) ; ; 
naw_typa_abbrav ( ' t imaT ' , " : num" ) ; ; 
naw_typa_abbrav ( ' wordn ' , * : ( num- >bool ) " ) ; ; 
naw_ t ypa_abb r a v ( ' wordnn' , * : (num- > wordn) * ) / ; 

% — 

Abstract data typa for tha C-Port instruction sat. 


lat CTI * 

daf ina_typa ' CTI ' 

'CTI * CT_Writa I CT_Raad | CT_Idla ' ; / 

% 

Abstract data typa for tha C-Port transaction op coda s . 


% P-Bus Mastar Op codas % 
let pbtnop * 

da f ina_type ' pbmop ' 

'pbmop « PBM_WritaLM I PBMJWritaPIU | PBM_WritaCB | PBM_RaadLM | 
PBM_ReadPIU I PBM_RaadCB \ PBM_Illagal '// 


227 


% I -Bus Slavs Opcodss % 

1st ibsop * 

dsf ina_typa ' ibsop ' 

' ibsop » IBS.Rsady I IBS_Idls | IBS.Illagal ' ; / 

% 1 -Bus Arbitration-Mastsr Opcodss % 

1st ibamop * 

dsf ins_typs ' ibamop ' 

' ibamop - IBAM_ProcP | IBAM_ProcC j IBAM_Illsgal ' 7 ; 

% C-Bus Mastsr Opcodss % 

1st cbmop * 

dsf ins_typs 'cbmop' 

' cbmop * CBM_WritsCB I CBM_RsadCB | CBM_Idls I CBM_Illsgal ' / ; 

% C-Bus Slavs Opcodss % 

1st cbsop = 

dsf ins_typs ' cbsop ' 

'cbsop ■ CBS_Rsady | CBS__Illsgal ' ; ; 

% Rssst Mastsr Opcodss % 

1st rmop « 

ds f ins_typs ' rmop ' 

'rmop » RM__NoRssst I RM_Illsgal 1 ; ; 


% 

Abstract data typa for ths snvironmsnt 


■% 


1 st ct_snv » 

dsf ins_typs ' ct_snv ' 

' ct_snv x CTBnv pbmop wordn wordnn wordn wordnn cbsop wordnn ' ; ; 

1 st IB_Opcods_inB * nsw_racursiva_dsf inition 

falss 

ct_anv 

9 IB_Opcods_inE ' 

" IB_Opcods__inB (CTBnv IB_Opcods_in IB_Addr_in IB_Data_in IB_BS_in 

IB_BK_in CB_Opcods_in CB_Data_in) 

* IB_Opcods_in" ; ; 

1 st IB_Addr_inE * nsw_rscursiva_daf inition 
falss 
ct_anv 

' IB_Addr_inB ' 

" IB_Addr_inK (CTBnv IB_Opcods_in IB__Addr_in IB_Data_in IB_BS_in 

IB_BB_in CB_Opcods_in CB_Data_in) 

« IB_Addr_in" f / ; 

1 st IB_Data_inB = nsw_r s cur sivs_dsf inition 
falss 
ct_snv 

' IB_Data_inR ' 

"IB_Data_inB (CTBnv IB_Opcods_in IB_Addr_in IB_Data_in IB_BS_in 

IB_BB_in CB_Opcods_in CB_Data_in) 

* IB__Data_in"/ ; 

1 st IB_BS_inB x nsw_rscursivs_dsf inition 
falss 
ct_snv 
' IB_BS_inB ' 

"IB_BS_inB (CTBnv IB_Opcods_in IB_Addr_in IB_Data_in IB_BS_in 

IB_BB_in CB_Opcods_in CB_Data_in) 

x lB_BS_in" ; / 

1 st IB_BB_inB * nsw_rscursivs_dsf inition 
falss 
ct_snv 
' IB_BB_inB ' 

"IB_BB_inE (CTBnv IB_Opcods_in IB_Addr_in IB_Data_in IB_BS_in 

IB_BE_in CB_Opcods_in CB_Data_in) 
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let CB_Opcode_inB « new_r e cur sive_def initlon 

false 

ct_env 

' CB_Opcode_inB ' 

"CB_Opcode_inB (CTBnv IB_Opcode_in IB_Addr_in IB_Data_in IB_BS_in 

IB_BB_in CB_Opcode_in CB_Data_in) 

= CB_Opcode_in" ; ; 

let CB_Data_inB * new_re cur sive_def initlon 
false 
ct_env 

' CB_JData_inB ' 

"CB_Data_inB (CTBnv IB_Opcode_in IB_Addr_in IB_Data_in IB_BS_in 
IB_BB_in CB_Opcoda_in CB_Data_in) 

■ CB_Data_in"; ; 
let Bnv_CASBS = 

prove_cases_thin (prove_induction_thm ct_env) / ; 

let CTBnv_Selectors_Work = prove_thm 
( 'CTEnv_Selectors_Work ' , 

N !«i ct_env . 

e * (CTBnv ( IB_Opcode_inB e) (IB_Addr_inB e) (IB_Data_inE e) (IB_BS_inB •) 
{ IB_BB_inB e) (CB_Opcode_inB e) (CB_Data_inK e) ) " , 

OBN_TAC 

THEN 3 TROC T_C ASB S_TAC (SPEC "e : ct_env" Bnv_CASKS) 

THEN RBWBITB_TAC [ IB_Opcode_inS ; IB_Addr_inB; IB_Data_inB; IB_BS_lnB; 
IB_BB_inB ; CB_Opcode_inB ; CB_Data_inB] 


% 

Abstract data type for the output 


% 


let ct_out ■ 

de f ine_type ' c t_out ' 

* ct out * CTOut cbmop wordn wordnn wordn wordnn ibeop 

wordnn ' ; / 

let CB_Opcode_outO * new_recursive_def initlon 
false 
ct_out 

' CB_Opcode_outO ' 

"CB_Opcode_outO (CTOut CB_Opcode_out CB_Addr_out CB_Data_out CB_BS_out 
CB_BB_out IB_Opcode_out IB_Data_out ) 

» CB_Opcode_out* / ? 

let CB_Addr_out 0 * new_recursive_def lnition 
false 
ct_out 

' CB_Addr _ou t 0 ' 

"CB_Addx_outO (CTOut CB_Opcode_out CB _Addr_out CB_Data_out CB_BS_out 
CB_BB_out IB_Opcode_out IB_Data_out) 

m CB_Addr_out" / ; 

let CB_Data_outO * new_recursive_def ini t ion 
false 
ct__out 

' CB_Data_outO ' 

"CB_Data_outO (CTOut CB_Opcode_out CB_Addr_out CB_Data_out CB_BS_out 
CB_BB_out IB_Op code_ou t IB_Data_out ) 

* CB_Data_out ff / ? 

let CB_BS_ou t O * new_recurslve_def Initlon 
false 

ct_out 
' CB_BS_outO ' 

"CB_BS_outO (CTOut CB_Opcode_out CB_Addr_out CB_Data_out CB_BS_out 
CB_BB„out IB_Opcode_out IB_Data_out ) 

* CB_BS_out " ; / 
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lat CB_BE_outO * naw_racursiva_daf ini t ion 

falsa 

ct_out 
' CB_BB_outO ' 

" CB_BE_ou 1 0 ( CTOut CB_Opcoda_out CB_Addr_out CB_Data_out CB_BS_out 

CB_BB_out IB_Opcoda_out IB_Data_out) 

■ CB_BB_out"; ; 

lat IB_Opcoda_outO * naw_racur*iva_daf ini t Ion 
falsa 
ct_out 

' IB_Opcoda_outO * 

"IB_Opcoda_outO (CTOut CB_Opc oda_out CB_Addr_out CB_Data_out CB_BS_out 

CB_BB_out IB_Opcoda_out IB_Data_out) 

* IB_Opcoda_out " ; ; 

lat IB_Data_outO = naw_racuraiva_daf inition 

falsa 

ct_out 

' IB_Data_outO ' 

*IB_Data_outO (CTOut CB_Opcoda_out CB_Addr_out CB_Data_out CB_BS_out 

CB_BB_out IB_Opcoda_out IB_Data_out ) 

* IB_Data_out 99 / > 
lat Out_CASBS - 

prova_casas_thin (prova_induction_thm et_out);; 


lat CTOut_Salactors_Work = prova_thm 
( ' CTOut _Sal act or s_Work' , 

"!ptct_out . 

p - (CTOut { CB_Opcoda_outO p) (CB_Addr_outO p) (CB_Data_outO p) 
(CB_BS_OUt0 p) (CB_BB_outO p) ( IB_OpCoda_outO p) 

( IB_Data_outO p ) ) • , 


GBN_TAC 

THBN STR0CT_CASBS_TAC (SPBC “p:ct_OUt" Out_CASBS) 

THEM REWRITB_TAC [CB_Opcoda_outO/ CB_Addr_outO ; CB_Data_outO ? CB_BS_outO; 
CB_BB_outO j IB_Opcoda_outO / IB_Data_outO] 




closa_thaory< ) / ; 


% 


Filai ctransp_daf.ini 

Author: (c) D.A. Fura 1992-93 

Data* 1 March 1993 

This fila contains tha ml sourca for tha trans-laval spaclf icatlon of tha 
C-Port of tha FTBP PIU, an ABIC davalopad by tha Bmbaddad Procassing 
Laboratory, Boaing High Tachnology Cantar. This spaclf icat ion is for tha 
procass associatad with tha P-Port - tha C-Port mas tars tha C-Bus according 
to a P-Port raquast. 


% 

sat_saarch_path ( saarch_path( ) 0 ( ' /homa/alvis6/dfura/f tap/piu/hol/cport /pproc / ' t 

9 /homa/alvis6/dfura/f tap/piu/hol/lib/ ' ; 

' /homa/alvls6/dfura/hol/Library/abs_thaory/ ' ; 

# /homa/alvls6/dfura/hol/Library/tools/ ' 

] ) ; ; 

sat_flag ('timing', trua) ; ; 
systam ' rm ctransp_daf . th' ; ; 
naw_thaory ' ctransp_daf ' / ; 
loadf ' abs_thaory ' ; ; 
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map naw_parent [ ' ctauxp_def ' / ' array_def ' j ' wordn_def ' ; ' ineq 1 ] / ; 

l«t REP_ty * abe_type_inf o (theorem 'piuaux_def' 'REP ' ) / / 

% 

Output definition for C-Port inetructions . 


let CT_Write_OP = new_def ini t ion 
( 'CT_Writa_OF * , 

" ! (rep : A REP_ty) (e tct_env) . 

CT_Write_OP rep e * 

let CB_Opcode_out * CBM_WriteCB in 

let CB_Addr_out * IB_Addr_inE e in 

let be = VAL 1 (IB_BS_inE e) in 

let dO * ELEMENT (IB_Data_inE e) (0) in 

let dl - ELEMENT (IB_Data_inE e) (1) in 

let d 2 - ELEMENT ( IB_Data_inE e) (2) in 

let d3 * ELEMENT { IB_Data_inE e) (3) in 

let oO * ALTER ARBN (0) (Par_Enc rep dO) in 

let ol ■ ALTER oO (1) (be > 0 -> (Par_Bnc rep dl) I ARBN) in 

let o2 * ALTER ol (2) (be > 1 *> (Par_Enc rep d2) 1 ARBN) in 

let o3 * ALTER o2 (3) (be > 2 «> (Par_Bnc rep d3) I ARBN) in 

let CB_Data_out * o3 in 

let CB_BS_out * IB_BS_inB e in 

let CB_BB_out * IB_BE_inE e in 

let IB_Opcode_out » IBS_Ready in 

let IB_Data_out ■ { ARBN: num->wordn) in 


) ; ; 


(CTOut CB_Opcode_out CB_Addr_out CB_Data_out CB_BS_out CB_BE_out 
IB__Opcode_out IB_Data_out ) " 


at CT_Raad_OF = new_def inition 
( ' CT_Read_OF ' , 

*1 (rep i*RBP_ty) (e *ct_env) . 

CT_Read_OF rep e * 

let CB_Opcode_out * CBM_ReadCB in 
let CB_Addr_out = IB_Addr_inE e in 
let CB_Data_out « ( ARBN: num->wordn) in 

let CB_BS_out = IB_BS_inE e in 
let CB_BB_out * IB_BE_inE e in 
let IB_Opcode_out « IBSJReady in 
let be - VAL 1 (IB_BS_inE e) in 
let dO ■ Par_Dec rep (ELEMENT (CB_Data_inB e 

let dl = Par_Dec rep (ELEMENT (CB_Data_inB 

let d2 * Par_Dec rep (ELEMENT (CB_Data_inE 

let d3 Par_Dec rep (ELEMENT (CB_Data_inE 

let d0_0 * ALTER ARBN (0) dO in 

let dl_0 = ALTER d0_0 (1) (be > 0 => dl | 

let d2_0 * ALTER dl_0 (2) (be > 1 ■> d2 I 

let d3_0 - ALTER d2_0 (3) (be > 2 «> d3 | 

let 


e) 

(0>) 

in 

e) 

(D) 

in 

e) 

(2)) 

in 

e) 

(3) ) 

in 


ARBN) in 
ARBN) in 
ARBN) in 


IB_Data_out = d3_0 in 


) ;; 


(CTOut CB_Opcode_out CB_Addr_out CB_Data_out CB_BS_out CB_BB_out 
IB_Opcode_out IB_Data_out ) * 


let CT_Idle_OF ■ new_def inition 
( 'CT_Idle_OF ' , 

" 1 (rep : A REP_ty) (e :ct_env) . 

CT_Idle_OF rep e * 

let CB_Opcode_out * CBM_Idle in 

let CB_Addr_out « ARBN in 

let CB_Data_out * ( ARBN : num- > wordn ) in 

let CB_BS_out « ARBN in 

let CB_BB_out - ARBN in 

let IB_Opcode_out ■ IBS_Ready in 

let IB_Data_out * ARBN in 

(CTOut CB_Opcoda_out CB_Addr_out CB_Data_out CB_BS_out CB_BE_out 
IB_Opcode_out IB_Data_out) * 
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C-Port interpreter definition. 

% 

let CT_Bxec » new_def inition 
( ' CT_Rxec # , 

M l (cti tCTI) (e : t imeT- >ct_env) (p : timeT->ct_out ) (t stimeT) 

CT_Bxec cti e p t * 

(CB_Opcode_inB (e t) * CBS_Ready) /\ 

( IBAM_Opcode_inB (e t) * IBAM_ProcP ) /\ 

((cti * CT_Write) »> ( IB_Opcode_in B (e t) * PBM_WriteCB) l 
(cti = CT_Read) *> ( IB_Opcode_inB (e t) * PBM_ReadCB ) 

% (cti = CT_Idle ) % | ( ( IB_Opcode_inB (e t> « PBMJfriteLM) \/ 

( IB_Opcode_inR (e t) * PBM_ReadLM) \/ 

( IB_Opcode_inE (e t) = PBM_WritePIU) \/ 

( IB_Opcode_inB (e t) * PBM_ReadPIU) ) ) " 

);; 

let CT_PreC ■ new _prinurec_deff inition 
( ' CT_PreC ' , 

" (CT_PreC (cti i CTI) e p 0 * T) /\ 

(CT__PreC cti e p (SUC t) * 

(CT_Bxec CT_Write e p t A CT_PreC CT_Write e p t) \/ 

(CT_Bxec CT_Read e p t /\ CT_PreC CT_Read e p t) \/ 

(CT_Bxec CT_Idle e p t /\ CT_PreC CT_Idle e p t))" 

);; 

let CT_PoatC ■ new_def inition 
( 'CT_PoetC 1 , 

"\ (rep : A RBP_ty) (cti rCTI) (e : timeT->ct_env) 

(p » t imeT- >ct_out ) (t ttimeT) . 

CT_Po*tC rep cti e p t * 

(cti « CT_Write) «> (p t » CT_Write_OF rep (e t) ) | 

(cti m CT_Read) ■> (p t * CT_Read_OF rep (at)) 

% (cti « CT_Idle) * I (p t - CT_Idle__OF rep (e t))" 

);/ 

let CT_Correct ■ new_def inition 
( 'CT_Correct ' , 

u ! (rep t A RBP_ty) (cti tCTI) (e t timeT->ct_env) 

(p : t imeT- >ct_out ) (t ttimeT) . 

CT_Correct rep cti e p t * 

CT_Bxec cti e p t /\ 

CT_PreC cti e p t 

• m> 

CT_PoetC rep cti apt" 

);? 

let CTSet_Correct - new_def inition 
( 'CTSet_Correct ' , 

"1 (rep t A RBP_ty) (e i timeT->ct_env) (p : timeT->ct_out ) . 

CTSet_Correct rep e p ■ ! (ctitCTI) (t t timeT) . CT_Correct rep cti e p t” 

);; 

cloee_theory ( ) ; / 


4.5 R-Port Transaction-Level Specification 

This section contains the theories rtauxp_def and rtranspjdef, defining the R-Port transaction-level data 
structures and interpreter, respectively. 


v 


Filet rtauxp_def .ml 
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Author j 


(c) D.A. Fura 1993 


Data: 1 March 1993 

This fila contains typas and dafinitions for tha transact ion-laval 
spacif ication of tha P-Procass of tha PIU R-Port. 


■% 


sat_flag ( 'timing trua) ; ; 

s at_a aar ch_path ( saarch_path( ) 9 [ ' /homa/alvis6/dfura/f tap/piu/hol/lib/ ' / 

' /homa/alvis6/dfura/f tap/piu/hol/rport / # ; 
' /homa/alviafi/dfura/hol/Library/tools / ' 
]);; 


ay at am 'rm rtauxp_daf . th' / > 

naw_thaory 'rtauxp_daf ' ; ? 

map naw_parant [ ' raux_daf ' ] / ; 

naw_typa_abbrav { ' tima ' , " : num" ) / ; 
naw_typa_ahbrav { ' timaT * , " t num" ) ; / 

naw_typa_ahbrav ( ' wordn ' , " j num- >boo 1 " ) ; ; 
naw_typa_abbrav ( 'wordnn' , * : num- > wordn" ) ; ; 

% 

Abstract data typa for tha R-port instruction sat 


■% 


lat RTI » 

dafina_typa 'RTI' 

'RTI * RT_Writa | RT_Raad | RT_Idla';/ 


% - 

Abstract data typa for tha R-port transaction opcodas. 


% 


% P-Bus Mastar Opcodas % 
lat pbmop * 

da f ina_t ypa ' pbmop ' 

'pbmop * PBM_WritaLM l PBM_WritaPID | PBM_WritaCB I PBM_RaadLM | 
PBM_RaadPIU I PBM__RaadCB I PBM_Illagal ' ; ; 

% I -Bus Slava Opcodas % 
lat ibsop * 

daf ina_typa ' ibsop ' 

' ibsop * IBS_Raady I IBS_Idla | IBS_Illagal ' ; ; 

% I -Bus Arbitration-Mastar Opcodas % 
lat ibamop * 

da f ina__typa ' ibamop ' 

'ibamop - IBAM_ProcP i IBAM.ProcC | IBAM_Illagal ' ; ; 

% Rasat Mastar Opcodas % 
lat rmop * 

da f ina_typa ' rmop ' 

'rmop » RM_NoRasat | RM_Illagal 1 / ; 


% 

Abstract data typa for tha stata. 


■% 


lat rt_stata = 

daf ina_typa ' r t_s tata ' 

'rt_stata * RTStata wordn wordn wordn wordn wordn wordn wordn 
wordn wordn wordn wordn wordn ' ; ; 


lat RT_icrS = naw_racursiva_daf ini t ion 
falsa 
rt_stata 
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'RT._i.crS * 

"RT_icrS (RTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in RT_ctr2_in 
RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3) 

* RT_icr" ; / 

lat RT_gcrS - nav_racursiva_daf inition 
falsa 
rt_stata 
*RT gcrS ' 

*RT qcrS (RTS tat* RT__icr RT gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in RT_ctr2_in 
RT__ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3) 

■ RT_gcr" 7 ; 

lat RT_ccrS * naw_racursiva_daf inition 
falsa 
rt_stata 
'RT_ccrS * 

"RT_ccrS (RTStata RT_icr RT gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_±n RT_ctr2_in 
RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3) 

= RT_ccr w j ; 

lat RT_srS * naw_racursiva_daf inition 
falsa 
rt_stata 
' RT_srS ' 

"RT_srS (RTStata RT__icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in RT_ctr2_in 
RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3) 

* RT_sr" ; ; 

lat RT_ctrO_inS * naw_ ra cur siva_daf inition 
falsa 
rt_stata 
'RT_ctrO_in S' 

"RT_ctrO_inS (RTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 

RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3) 

* RT_ctrO_in *; 7 

lat RT_ctrl_inS * naw_racursiva_daf inition 
falsa 
rt_stata 
' RT_ctrl_inS ' 

-RT_ctrl_inS (RTStata RT_icr RT_gcr RT_ccr RT__sr RT_ctrO_in RT_ctrl_in 
RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3) 

- RT_ctrl_in "; j 

lat RT_ctr2_inS - naw_racursiva_daf inition 
falsa 
rt_stata 
'RT_ctr2_inS # 

"RT_ctr2_inS (RTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 
RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3) 

- RT_ctr2_in*/ ; 

lat RT_ctr3_inS * naw_racursiva_daf inition 
falsa 
rt_*tata 
* RT_ctr3_inS ' 

"RT__ctr3_inS (RTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 

RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3) 

= RT_ctr3_in w 7 ; 

lat RT_ctrOS - naw_racursiva_daf inition 
falsa 
rt_stata 
'RT_ctrOS ' 

"RT_ctrOS (RTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 

RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT_ctr3) 

■ RT_ctrO* 7 / 

lat RT_ctrlS ■ naw_racursiva_daf inition 
falsa 
rt_stata 
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'RT_ctrlS ' 

"RT_ctrlS (RTStata RT_lcr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 

RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2 RT__ctr3) 

* RT__ctrl w / ; 

lat RT_ctr2S ■ new_recuraive_def inition 
false 
rt_atate 
'RT_ctr2S' 

"RT_ctr2S (RTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_in 

RT_ctr2_in RT_ctr3_in RT_ctrO RT_ctrl RT_ctr2~RT_ctr3 } 

■ RT_ctr2" / ; 

lat RT_ctr3S * new_recuraiva_def inition 
falsa 
rt_state 
'RT_ctr3S ‘ 

*RT_ctr 3S (RTStata RT_icr RT_gcr RT_ccr RT_sr RT_ctrO_in RT_ctrl_ln 

RT_ctr2_in RT_ctr3_ln RT_ctrO RT_ctrl RT_ctr2 RT_ctr3) 

* RT_ctr3 " ; / 
let State_CASBS - 

prove_cases_thin (prove_induction_thm rt_stata) ; ; 

lat State_Selectors_Worfc * prove_thin 
( 'State_Selectors_Wor)c ' , 

" ! s * rt_atate . 

s ■ (RTStata (RT_icrS a) (RT_gcrS s) (RT_ccrS s) (RT_srS a) (RT_ctrO_inS a) 
<RT_ctrl_inS a) (RT_ctr2_inS a) (RT_ctr3_inS a) (RT_ctrOS a) 
(RT_ctrlS a) (RT_ctr2S a) (RT_ctr3S a))", 

QBN_TAC 

THEN STRUCT_CASBS_TAC (SPBC *ajrt_atata" Stata_CASBS) 

THEN RBWRITB_TAC [RT_icrS ; RT_gcrS / RT_ccrS ; RT_arS ; RT_ctrO_inS / RT_ctrl_inS ; 

RT_ctr2_inS/RT_ctr3_inS/RT_ctrOS;RT_ctrlS;RT_ctr2S; 

RT_ctr3S] 

) ; ; 


% 

Abstract data type for the environment . 


% 


lat rt_env « 

define_type 'rt_env' 

' rt_anv ■ RTBnv pbmop wordn wordnn wordn wordnn 
ibamop 
rmop' ; ; 

lat IB_Opcoda_inB * new_recuraive_def inition 
falsa 
rt_env 

' IB_Opcoda_inB ' 

*IB_Opcoda_inB (RTBnv IB_Opcode_in IB_Addx_in IB_Data_in IB_BS_in IB_BB_in 
IBAM_Opcode_in Rst_Opcode_in) 

■ IB_Opcoda_in" ; ; 

lat IB_Addr_inB * naw_racur a ive_def inition 
falsa 
rt_env 

' IB_Addr_inE ' 

" IB_Addr _inB (RTBnv IB_Opcode_in lB_Addr_in IB_Data_in IB_BS_in IB_BB_in 
IBAM_Opcode_in Rst_Opcode_in) 

* IB_Addr_in " / t 

lat IB_Data_inE = naw_racur a ive_def inition 

falsa 

rt_env 

' IB_Data_inB ' 

" iB_Da t a_ inB (RTBnv IB_Opcode_in IB_Addr_in IB_Dat a_in IB_BS_in IB_BB_in 
IBAM_Opcoda_in Rat_Opcoda_in) 

= IB_Data_in" ; ? 

lat IB_BS_inB * naw_racuraiva_daf inition 
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Cals* 
rt_*nv 
' IB_BS_inK * 

"IB__BS_inB (RTEnv IB_Opcod*_in IB_Addr_in IB_Data_in IB_BS_in IB_BE_in 
IBAM_Opcoda_in Rat_Opcoda_in) 

* IB_BS_in" ; ; 

lat IB_BR_inS * n*w_racursiv*_d*f inition 
falsa 
rt_*nv 
' IB_BB_inB ' 

" IB_BR_inE ( RTHnv IB_Opcod#_in IB_Addr_in IB_Data_ln IB_BS_in IB_BB_in 
IBAM_Opcoda_in Rst_Opcod*_in) 

* IB_BE_in w ; ; 

1st IBAM_Opcod*_inB * n#w_r * curs iv#_d*f ini t ion 
falsa 
rt_*nv 

' IBAM_Opcod*_inB ' 

" IBAM_Opcod*_inB (RTBnv IB_Opcoda_in IB_Addr_in IB_Data_in IB_BS_in IB_BE_in 
IBAM_Opcoda_in Rst_Opcoda_in) 

x IBAM_Opcoda_in w ; ; 

1st R*t_Opcod*_inE * n*w_r*cursiv*_d*f inition 
falsa 
rt_*nv 

'Rst_Opcod*_inB ' 

"Rst_Opcod*_iiiE (RTBnv IB_Opcod*_in IB_Addr„in IB_Data_in IB_BS_in IB_BB_in 
IBAM_Opcoda_in Rst_Opcoda_in ) 

* R*t_Opcoda_in' F ; / 


lat Bnv_CASES - 

prova_casas_thm (prova_induct ion_thm rt__*nv) j ; 


lat Bnv_S* lac t or s_Work * prova_thm 
( 'Env_S*l*etors_Work: ' , 

* 1 a i rt_*nv . 

a * (RTBnv (IB_Opcod*_inB a) (IB_Addr_inB a) ( IB_Data_inB a) ( IB_BS_inB 
(IB_BB__inB a) ( IBAM_Opcod#_inE a) ( Rst_Opcod*_inB a) ) " , 

OBN_TAC 

THEN STROCT_CASBS„TAC (SPEC "*:rt_*nv" Bnv_CASBS) 

THEN RBWRITB_TAC ( IB_Opcod*_inB ; IB_Addr_inB; IB_Data_inE; IB_BS_inB; 

IB_BB_inB/ IBAM_Opcoda_inB; Rst_Opcoda_inB] 


)n 


a) 


% - 

Abstract data typa for tba output . 


% 


lat rt_out * 

dafina_typa 'rt_out' 

' rt_out = RTOut lbsop wordnn ' / ; 

lat IB_Opcod*_outO - n*w_r*cursiv*_d*f ini t ion 

falsa 

rt_out 

' IB_Opcoda_outO ' 

* IB_Opcoda_outO (RTOut IB_Opcoda_out IB_Data_out ) 
» IB_Opcoda_out " i ; 

lat IB_Data_outO » naw_racursiva_daf inition 

falsa 

rt_out 

* IB_Data_outO 9 

" IB_Da t a_ou 1 0 (RTOut IB_Opcoda_out IB_Data_out) 

= IB_Data_out m ; ; 

lat Out.CASBS * 

prov*_cas*s_thxn (prova_induction_thm rt_out)/; 

lat Out_S*l*ctors_Work * prova_thm 
( 'Ou^Salactors^Work' # 
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* !pirt_out . 

p * (RTOut { IB_Opcod«_outO p) (IB_Data_outO p))"/ 
OBN_TAC 

THBN STRUCT_CASKS_TAC (SPEC "p:rt_OUt" Ou t_C ASKS) 
THBN RBWRITE_TAC tIB_Opcoda_outO; IB_Data_outO] 

);; 


% 

Pradicatas . 


Mamory Targat 


lat CBuaAddrP = naw_daf inition 
( ' CBuaAddrP * , 

"l (a : wordn ) CBuaAddrP a * KLKMBNT a (29)" 

) 7 7 

lat PRagAddrP = naw_daf inition 
( ' PRagAddrP ' , 

u ! (a : wordn) . . _ . „ 

PRagAddrP a - - (ELEMENT a (29)) /\ (SUBARRAY a (23,22) » WORDN 1 3)" 

)>> 

lat LMamAddrP ■ naw_daf inition 
( ' LMamAddrP ' , 

" ! (a : wordn) . . „ _ . „ 

LMamAddrP a « -(KLKMBNT a (29)) /\ -(SUBARRAY a (23,22) = WORDN 1 3) 

) ;; 

lat RagOP ■ naw_da£ inition 
( ' RagOP ' , 

-i (a i wordn ) . RagOP a - PRagAddrP a /\ (SUBARRAY a (3,0) * WORDN 3 0>” 

) ;; 

lat RaglP ■ naw_daf inition 
( * RaglP * t 

'1 (a i wordn) . RaglP a = PRagAddrP a /\ (SUBARRAY a (3,0) - WORDN 31)” 

>;; 

lat Rag2P ■ naw_daf inition 
( 'Rag2P ‘ , 

-! (a i wordn) . Rag2P a « PRagAddrP a /\ (SUBARRAY a (3,0) - WORDN 32)” 

) II 

lat Rag3P * naw_daf inition 

( ”?*U P i wordn) . Rag3P a - PRagAddrP a A (SUBARRAY a (3,0) - WORDN 3 3)” 

) it 

lat Rag4P * naw_daf inition 

' «***( « P i wordn ) . Rag4P a . PRagAddrP a /\ (SUBARRAY a (3,0) = WORDN 3 4>” 

)ll 

lat Rag5P * naw_daf inition 

( ' Rag5P ' , „ _ v _ 

«! (a : wordn) . Rag5P a = PRagAddrP a /\ (SUBARRAY a (3,0) = WORDN 35)” 

)n 

lat RagSP « naw_daf inition 
( ' Rag6P 1 , 

-! (a .wordn) . Rag6P a = PRagAddrP a A (SUBARRAY a (3.0) « WORDN 36)” 

) ; ? 

lat Rag7P * naw_da£ inition 

('Rag7P', ^ 

“! (a .wordn) . Rag7P a » PRagAddrP a A (SUBARRAY a (3,0) = WORDN 3 7) 

)ll 

lat RagBP = naw_daf inition 
( 'RagBP * , 

-1 (a .wordn) . RagSP a = PRagAddrP a A (SUBARRAY a (3,0) « WORDN 38)” 

) ; I 
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lat Rag9P * MV.dcf inition 
( 'Rag9P ' , 

(a rwordn) . Rag9P a * PRagAddrP a /\ {SUBARRAY a (3,0) * WORDN 39)" 

);; 

lat RaglOP * naw_daf inition 
( 'RaglOP ' , 

" 1 (a rwordn) . RaglOP a « PRagAddrP a /\ {SUBARRAY a (3,0) * WORDN 3 10)" 
);/ 

lat RagllP * naw_daf inition 
( 'RagllP' , 

"I (a rwordn) . RagllP a « PRagAddrP a /\ (SUBARRAY a (3,0) * WORDN 3 11)" 

);/ 

lat Ragl2P * naw_daf inition 
( 'Ragl2P ' , 

"I (a rwordn) . Ragl2P a * PRagAddrP a /\ (SUBARRAY a (3,0) = WORDN 3 12)" 

)/; 

lat Ragl3P * naw_daf inition 
( ' Ragl3P ' , 

"! (a rwordn) . Ragl3P a = PRagAddrP a /\ (SUBARRAY a (3,0) « WORDN 3 13)" 
);/ 

lat Ragl4P ■ naw_daf inition 
( 'Ragl4P ' , 

"1 (a rwordn) . Ragl4P a * PRagAddrP a /\ (SUBARRAY a (3,0) • WORDN 3 14)" 

)// 

lat RaglSP * naw_daf inition 
( 'RaglSP' , 

"1 (a rwordn) . Ragl5P a « PRagAddrP a /\ {SUBARRAY a (3,0) - WORDN 3 15)" 
)// 

cloaa_thaory ( ) 7 7 


Pila t rtranap_daf . ml 

Authorr (c) D . A. Pura 1993 

Datar 1 March 1993 

This fila contains tha ml sourca for tha trans-laval spacification of tha 
R-Port of tha FTSP PIU, an ASIC davalopad by tha Kmbaddad Procassing 
Laboratory, Boaing High Tachnology Cantar. 

% 

aat_saarch_path (saarch_path( ) B [ ' /homa/alvis6/dfura/f tap/piu/hol/rport/ ' ; 

' /homa/alvis 6 /dfura/f tap/piu/hol/lib / ' 7 
' /homa/alvis€/dfura/hol /Library/ abs_thaory/ ' 7 
' / homa / alvie 6 /dfura/hol/ Library /tools/ ' 

})// 

sat_flag ( 'timing' , trua) 7 / 
systam 'rm rtransp_daf . th ' 7 7 
naw_thaory ' rtransp_daf ' 7 7 
loadf 'abs_thaory' 7 7 

map naw_parant [ ' rtauxp_daf ' 7 ' array_daf ' 7 ' wordn_daf ' ) ? 7 


lat REP_ty * abs_typa_inf o (thaoram 'piuaux_daf ' 'RBP ')7 7 


Next etate definition for R-Port instruction*. 


% 


let RT_Write_NSF* new_def inltion 
( 'RT_Write_NSF ' , 

" l ( • irt_etate) (e :rt_*nv) . 

RT_Write_NSF s e * 

let RT_icr * RT_icrS a and 
RT_gcr = RT_gcrS a and 
RT_ccr * RT_ccrS a and 
RT_*r ■ RT_erS a and 
RT_ctrO_ln = RT_ctrO_inS a and 
RT_ctrl_in * RT_ctrl_inS a and 
RT_ctr2_in * RT_ctr2_inS a and 
RT_ctr3_in * RT_ctr3_inS a and 
RT_ctrO = RT_ctrOS a and 
RT_ctrl * RT_ctrlS • and 
RT_ctr2 ■ RT_ctr2S a and 
RT_ctr3 * RT_ctr3S a in 
let IB_Addr_in - IB_Addr_inB e and 
IB_Data_in - IB_Data_inE e and 
IB_BS_in * IB_BS_inE e and 
IB_BE_in * IB_BB_inE e in 
let new_RT_lcr * 

( ( (RegOP IB_Addr_in) /\ (VAL 1 IB_BS_in « 0) ) *> 

(ANDN 31 (ELEMENT IB_Data_in (0)) RT_icr) I 
( {Ragl5P IB_Addr_in) /\ (VAL 1 IB_BS_in =1)) => 

(ANDN 31 (ELEMENT IB_Data_in (1)) RT_icr) | 

( (Regl4P IB_Addr_in) /\ (VAL 1 IB_BS_in « 2)) *> 

(ANDN 31 (ELEMENT IB_Data_in (2)) RT_icr) I 
( (ReglSP IB_Addr_in) /\ (VAL 1 IB_BS_in = 3)) *> 

(ANDN 31 (ELEMENT IB_Data_in (3)) RT_icr> I 
(ReglP IB_Addr_in) -> 

(ORN 31 (ELEMENT IB_Data_in (0)) RT_icr) I 
((RegOP IB_Addr_in) /\ (VAL 1 IBJBS_in >* 1)) *> 

(ANDN 31 (ELEMENT IB_Data_in (1)) 

(ORN 31 (ELEMENT IB_Data_in (0)) RT_icr) ) I 
( (Regl5P IB_Addr_in) /\ (VAL 1 IB_BS_in >- 2)) «> 

(ANDN 31 (ELEMENT IB_Data_in (2)) 

(ORN 31 (ELEMENT IB_Data_in (1)) RT_icr) ) I 
( (Regl4P IB_Addr_in) /\ (VAL 1 IB_BS_in >= 3)) *> 

(ANDN 31 (ELEMENT IB_Data_in (3)) 

(ORN 31 (ELEMENT IB_Data_in (2)) RT_icr) ) I RT_icr) in let new_RT_gcr * 

( (Reg2P IB_Addr_in) »> ELEMENT IB_Data_in (0) I 
(ReglP IB_Addr_in /\ 

(VAL 1 IB_BS_in >■ 1)) *> ELEMENT IB_Data_in (1) I 
(RegOP IB_Addr_in /\ 

(VAL 1 IB_BS_in >* 2)> *> ELEMENT IB_Data_in (2) I 
(ReglSP IB_Addr_in /\ 

(VAL 1 IB_BS_in >* 3)) *> ELEMENT IB_Data_in (3) I RT_gcr) in 
let new_RT_ccr * 

( (Reg3P IB_Addr_in) -> ELEMENT XB_Data_in (0) I 
(Reg2P IB_Addr_in /\ 

(VAL 1 IB_BS_in >* 1)) »> ELEMENT IB_Data_in (1) I 
(ReglP IB_Addr_in /\ 

(VAL 1 IB_BS_in >» 2)) ■> ELEMENT IB_Data_in (2) I 
(RegOP IB_Addr_in /\ 

(VAL 1 IB_BS_in >- 3)) -> ELEMENT IB_Data_in (3) I RT_ccr) in 
let new_RT_er * ( ARBN t wordn) in 
let new_RT__ctrO_in * 

( (Reg8P IB_Addr_in) *> ELEMENT IB_Data_in (0) | 

(Reg7P IB_Addr_in /\ 

(VAL 1 IB_BS_in >* 1)) => ELEMENT IB_Data_in (1) I 
(Reg6P IB_Addr_in /\ 

(VAL 1 IB_BS_in >- 2)) -> ELEMENT IB_Data_in (2) | 

(Reg5P IB_Addr_in /\ 

(VAL 1 IB_BS_in >» 3)) «> ELEMENT IB_Data_in (3) I RT_ctr0__in) in 
let new_RT_ctrl_in * 

( (Reg9P IB_Addr_in) ■> ELEMENT XB_Data_in (0) I 
(RegflP IB_Addr_in /\ 

(VAL 1 IB_BS_in >- 1)) -> ELEMENT IB_Data_in (1) I 
(Reg7P IB_Addr_in /\ 
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RT_ctrl_in) in 


{VAL 1 IB_BS_in >• 2)) ■> BLKMBNT IB_Data_in (2) 

(Rag6P IB_Addr_in /\ 

(VAL 1 IB_BS_in >■ 3)) *> BLKMBNT IB_Data_in (3) 
lat naw_RT__ctr2_in * 

((RaglOP IB_Addr_in) «> BLKMBNT IB_Data_in (0) I 
<Rag9P IB_Addr_in /\ 

(VAL 1 IB_BS_in >« 1)) *> BLKMBNT IB_Data_in (1) 

(RagSP IB_Addr_in /\ 

(VAL 1 IB_BS_in >« 2)) ■> BLKMBNT IB_Data_in (2) 

(Rag7P IB_Addr_in /\ 

(VAL 1 IB_BS_in >« 3)) «> BLKMBNT IB_Data_in (3) I RT_ctr2_in) in 
lat naw_RT_ctr3_in ■ 

( (RagllP IB_Addr_in) «> BLKMBNT IB_Data_in (0) I 
(RaglOP IB_ Add r_in /\ 

(VAL 1 IB_BS_in >« 1) ) *> BLKMBNT IB_Data_in (1) I 
(Rag9P IB_Addr_in /\ 

(VAL 1 IB_BS_in >- 2)) *> BLKMBNT IB_Data_in (2) I 
(RagSP IB_Addr_in /\ 

(VAL 1 IB_BS_in >* 3)) ■> BLKMBNT IB_Data_in (3) I RT_ctr3_in) in 
lat naw_RT_ctrO * 

( (Ragl2P IB_Addr_in) »> BLKMBNT IB_Data_in (0) | 

(RagllP IB_Addr_in /\ 

(VAL 1 IB_BS_in >■ 1)) «> BLKMBNT IB_J)ata_in (1) I 
(RaglOP IB_Addr_in /\ 

(VAL 1 IB_BS_in >* 2)) «> BLKMBNT IB_Data_in (2) I 
(Rag9P IB_Addr_in /\ 

(VAL 1 IB_BS_in >* 3)) => BLKMBNT IB_Data_in (3) I RT_ctrO) in 
lat naw_RT_ctrl * 

<(Ragl3P IB^Addr_in) «> BLKMBNT IB_Data_in (0) | 

(Ragl2P IB^Addr_in /\ 

(VAL 1 IB_BS_in >= 1)) *> BLKMBNT IB_Data_in (1) I 
(RagllP IB_Addr_in /\ 

(VAL 1 IB_BS_in >- 2)) «> BLKMBNT IB_Data_in (2) I 
(RaglOP IB_Addr_in /\ 

(VAL 1 IB_BS_in >« 3)) *> BLKMBNT IB_Data_in (3) | RT_ctrl) in 

lat naw_RT_ctr2 m 

<(Ragl4P IB„Addr_in) *> BLKMBNT IB_Data_in (0) | 

(Ragl3P IB_Addr_in /\ 

(VAL 1 IB_BS_in >- 1)) «> BLKMBNT IB_Data_in (1) | 

(Ragl2P IB_Addr_in /\ 

(VAL 1 IB_BS_in >* 2)) ■> BLKMBNT IB_Data_in (2) I 
(RagllP IB_Addr_in /\ 

(VAL 1 IB_BS_in >* 3)) *> BLKMBNT IB_Data_in (3) | RT_ctr2) in 

lat naw_RT_ctr3 ■ 

( (RaglBP IB_Addr_in) •> BLKMBNT IB_Data_in (0) | 

(Ragl4P IB_*ddr_in /\ 

(VAL 1 IB_BS_in >» 1)) ■> BLKMBNT IB_Data_in (1) I 
(Ragl3P IB_Addr_in /\ 

(VAL 1 IB_BS_in >- 2)) *> BLKMBNT IB_Data_in (2) I 
(Ragl2P IB_Addr_in /\ 

(VAL 1 IB_BS_in >■ 3)) *> BLKMBNT IB_Data_in (3) I RT_ctr3 ) in 

(RTStata naw_RT_icr naw_RT_gcr naw_RT_ccr naw_RT_ar naw_RT_ctrO_in 
naw_RT_ctrl_in naw_RT_ctr2_in naw_RT_ctr3_in naw_RT_ctrO 
naw_RT_ctrl naw_RT_ctr2 naw_RT_ctr3 ) m 


lat RT_Raad_NSP ■ naw_daf ini t ion 
( 'RT_Raad_NSF', 

"1 (• irt_atata) (a trt_anv) . 

RT_Raad_NSP a a ■ 

lat naw_RT_icr » RT_icrS a in 

lat naw_RT_gcr ■ RT tiers a in 

lat naw_RT_ccr ■ RT_ccrS a in 

lat naw_RT_ar • RT_arS a in 

lat naw_RT_ctrO_in * RT_ctrO_inS a in 

lat naw_RT_ctrl_in « RT_ctrl_inS a in 

lat naw_RT_ctr2_in ■ RT_ctr2_inS a in 

lat naw_RT_ctr3_in ■ RT_ctr3_inS a in 

lat naw_RT_ctrO ■ RT_ctrOS a in 

lat naw_RT_ctrl * RT_ctrlS a in 
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let new_RT_ctr2 = RT_ctr2S a in 
let new_RT_ctr3 * RT_ctr3S a in 

(RTState new_RT_icr new_RT_gcr new_RT_ccr new_RT_®r new_RT_ctrO_in 
new_RT_ctrl_in new_RT_ctr2_in new_RT_ctr3_in new_RT_ctrO 
new_RT_ctrl new_RT_ctr2 new_RT_ctr3 ) " 


let RT_Idle_NSF * new_def inition 
( 'RT_Idle_NSF' , 

"l (0 :rt_state) (e jrt_env) . 

RT_Idle_NSF • e ■ 

let new_RT_icr * RT_icrS a in 

let new_RT_gcr * RT_gcrS a in 

let new_RT_ccr = RT_ccrS a in 

let new_RT_sr * RT_srS s in 

let new_RT_ctrO_in - RT_ctrO_inS 0 in 

let new_RT_ctrl_in = RT_ctrl_inS a in 

let new_RT_ct r 2_in - RT_ctr2_inS 0 in 

let new_RT_ct r 3_in « RT_ctr3_inS 0 in 

let new_RT_ctrO * RT_ctrOS 0 in 

let new__RT_ctrl * RT_ctrlS a in 

let new_RT_ctr2 = RT_ctr2S 0 in 

let new_RT_ctr3 * RT_ctr3S a in 

(RTState nev_RT_icr n#w_RT_gcr new_RT_ccr new_RT_er new_RT_ct r 0_in 
new_RT_ctrl_in new_RT_ctr2_in new_RT_ctr3_in new_RT_ctrO 
new_RT_ctrl new_RT_ctr2 new_RT_ctr3 ) * 


% 

Output definition for R-Port instruction® . 


% 


let RT_Write_OF * new_def inition 
( ' RT_Wr ite_OP ' , 

M ! (0 irt_etate) (e :rt_env) . 

RT_Write_OP 0 e « 

let IB_Opcode_out ■ IBS_Ready in 

let IB_Data_out = (ARBN j num- >wordn } in 

(RTOut IB_Opcode_out IB_Data_out ) " 

);; 

let RT_Read_OF ■ new_def inition 
( ' RT_Read_OF ' , 

"l (0 rrt_ 0 tate) (e :rt_env) . 

RT_Read_OF 0 e ■ 

let IB_Opcode_out - IBS_Ready in 
let bs ■ VAL 1 ( IB_BS_inB e) in 

let dO - (RegOP (IB_Addr_inB e) ) *> RT_icrS 0 I 

(ReglP (IB _Addr_inE e)) ■> RT_icrS 0 I 

( Reg 2 P ( IB_Addx_inE e) ) ■> RT_gcrS 0 I 

(Reg3P (IB_Addx_inB e) ) *> RT_ccrS 0 I 

(Reg4P (IB_Addr_inB e) ) «> RT_ 0 rS 0 | 

(RegdP ( IB_Addr_inK e) ) ■> RT_ctrO_inS 0 I 

(Reg9P ( IB_Addr_inB e) ) «> RT_ctrl_inS 0 I 

(ReglOP (IB_Addr_inB e)) *> RT_ctr2_inS 0 I 
(RegllP { IB_Addr_inB e)) *> RT_ctr3_inS 0 | 
(Regl2P (IB_Addr_inB e) ) «> RT_ctrOS a \ 

(Regl3P (IB_Addr_inB e) ) ■> RT_ctrlS a I 

(Reg 14 P {IB_Addr_inB e) ) «> RT_ctr2S a \ 

(ReglSP (IB_Addr_inB e) ) -> RT_ctr3S 0 I ARBN in 

let dl « (be > 0) 

■> (ReglSP (IB_Addr_inB e) ) *> RT_icrS s | 
(RegOP ( IB_Addr_inK e) ) RT_icrS 0 I 
(ReglP ( IB_Addr_inE e) ) *> RT_gcrS 0 I 

(Reg2P (IB_Addr_in B e) ) «> RT_ccrS 0 I 

(Reg3P ( IB_Addr_inB e) ) *> RT_ 0 rS s I 

(Reg7P ( IB_Addr_inB e) ) -> RT_ctrO_infl 0 I 

(RegdP (IB_Addr_inB e) ) => RT_ctrl_inS 0 I 

(Reg9P (IB _Addr_inB e) ) «> RT_ctr2_inS 0 I 
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(RaglOP ( IB_Addr_inE a)) *> RT_ctr 3 _inS 0 | 

(RagllP (IB_Addr_inE a)) »> RT_ctrOS 0 I 

(Ragl 2 P ( IB_Addr_inB •) ) *> RT_ctrlS 0 I 

(Ragl 3 P ( IB_Addr_inE 0) ) *> RT_ctr 2 S 0 I 

(Ragl 4 P ( IB_Addr_inK •) ) -> RT_ctr 3 S 0 I ARBN 

I ARBN in 
lat d 2 * (b0 > 1 ) 

«> (Ragl 4 P ( IB_Addr_inB •) ) *> RT_icrS 0 I 

(Ragl 5 P (IB_Addr_inE •) ) ■> RT_icrS 0 I 

(RagOF ( IB_Addr_inE •)) *> RT_gcrS 0 I 

(RaglP (IB_Addr_inE •)) *> RT_ccrS 0 I 

(R«g 2 P (IB_Addr_inE •)) *> RT_0rS 0 I 

(Rag 6 P (IB _Addr_inE •)) «> RT_ctrO_inS 0 | 

(R«g 7 P ( IB_Addr_inS •)) *> RT_ctrl_inS 0 | 

(Rag 8 P (IB _Addr_inB •)) *> RT_ctr 2 _inS 0 I 

(Rag 9 F ( IB_Addr_inE •) ) => RT_ctr 3 _inS 0 | 

(RaglOP (IB_Addr_inE •) ) *> RT_ctrOS 0 I 

(R^gllP (IB_Addr_inE •) ) *> RT_ctrlS 0 I 

(R«gl 2 P ( IB_Addr_inE •) ) => RT_ctr 2 S 0 I 

(R«gl 3 P (IB_Addr_inE 0) ) *> RT_ctr 3 S 0 I ARBN 

I ARBN in 
l»t d 3 - (b 0 > 2 ) 

*> (Ragl 3 P (IB_Addr_inE •) ) «> RT_icrS 0 I 

(Ragl 4 P ( IB_Addr_inK a)) «> RT_icrS 0 I 

(RaglBP ( IB_Addr_inE •) ) «> RT_gcrS 0 I 

(Rag OP ( IB_Addr_inE •)) => RT_ccrS 0 I 

{RaglP ( IB_Addr_inE •)) «> RT_arS 0 I 

(RagSP (IB _Addr_inB •)) *> RT_ctrO_inS 0 | 

(Rag 6 P ( IB__Addr_inB •)) *> RT_ctrl_inS 0 | 

(R 0 g 7 P ( IB_Addr_inB •)) -> RT_ctr 2 _inS 0 | 

(RagSP ( IB_Addr_inE •)) *> RT_ctr 3 _inS 0 | 

(Rag 9 F (IB _Addr_inB •) ) ■> RT_ctrOS 0 | 

(RaglOP (IB^Addr_inE •) ) *> RT_ctrlS 0 \ 

(RagllP ( IB_Addr_inK 0) ) *> RT_ctr 2 S 0 I 

(Ragl 2 P ( IB_Addr_inE •) ) «> RT_ctr 3 S 0 I ARBN 

I ARBN in 
lat IB_Data_OUt « 

ALTER (ALTER (ALTER (ALTER ARBN(O) dO) ( 1 ) dl){ 2 ) d 2 ) ( 3 ) d 3 in 


(RTOut IB_Opcoda_out IB_Data_out) 


l«t RT_Idla_OF « naw.daf ini t ion 
( 'RT_Idla_OF ' , 

*! (0 irt_atata) (• :rt_anv) . 

RT_Idl«_OP 0 • « 

lat IB_Opcoda_out m IBS__Idla in 

l#t IB_Dmta__out ■ (ARBN t num- >wordn ) in 

(RTOut IB_Opcoda_out IB_Data_out) * 


R-Port interpreter definition. 


lat RT_Bxac * naw_daf inition 
( 'RT_Bxac ' , 

"! (rti :RTI) (0 1 timaT->rt_0tata ) (a i timeT->rt_env) (p t timaT->rt_out ) 
(t itimeT) . 

RT_Bxac rti 0 a p t » 

( IBAM_Opcoda_inE (at) ■ IBAM_ProcP) /\ 


((rti * RT_Writa) *> ( IB_Opcode_inB (a t) ■ PBM_Wr±taPIU) I 
(rti * RT_Raad) *> ( IB_Opcoda_inE (at) * PBM_ReadPItJ) 

% (rti * RT_Idla) % | ( ( IB_Opcoda_inE (a t) « PBM_WritaLM) \/ 

( IB_Opcode_inB (at) * PBM_RaadLM) \/ 

( IB_Opcoda_inE (a t) « PBH.WritaCB) \/ 
( IB_Opcoda_inB (at) «= PBM_RaadCB) ) ) * 


lat RT_PraC « naw_pr im^r a c_daf inition 
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( 'RT_PraC', 

"(RT_PraC (rti: RTI) » • p 0 * T) /\ 

(RT_PraC rti a • p (SUC t) * 

(RT_Bxac RT_Writa a • p t /\ RT_PraC RT_Writa a a p t) \/ 
(RT_Bxac RT_Raad a a p t /\ RT_PraC RT_Raad • • p t) \/ 

(RT_Bxac RT_Idla 9 • p t /\ RT_PraC RT_Idla a • p t)) w 

);/ 

lat RT_PoatC = naw_daf inition 
( ' RT_PoatC ' , 

-• (rti : RTI ) (a :timaT->rt_atata) (• j timaT->rt_anv) 

(p i tim*T->rt_out ) (t :timaT) 

RT_PoatC rti i • p t = 

{rti = RT_Writa) *> ((a (t+1) = RT_Writa_NSF (a t) (• t) ) /\ 

(p t * RT_Writa_OF (a t) (at))) I 
(rti * RT_Raad) => ((a (t+1) « RT_Raad_NSF (a t) (• t)) /\ 

(p t * RT_Raad_OF (a t) (a t))) 

% (rti = RT_Idla) % I ((a (t+1) - RT_Idla_NSF (a t) (a t) ) /\ 

(p t = RT_Idla_OF (a t) (a t))) w 

) ; ; 

lat RT_Corract = naw_daf inition 
( ' RT_Corract ' , 

* ! (rti tRTI ) (a j timaT->rt_atata) (a : timaT->rt_anv) 

(p i timaT->rt_out ) (t :timaT) . 

RT_Corract rti a a p t * 

RT_Bxac rtiaapt/\ 

RT_PraC rti a a p t 

■K> 

RT_PoatC rti a a p t" 

) ; ; 

lat RTSat_Corract * naw_daf inition 
( 'RTSat_Corract ' , 

- j ( 9 jtimaT->rt_atata) (a : timaT->rt_anv) (p : timaT->rt_out) . 
RTSat_Corract a a p * l (rti tRTI) ( t i timaT) . RT_Corract rti a a p t w 

) ; ; 

cloaa_thaory( ) ; ; 
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